ApeRocket, a decentralized finance (DeFi) yield farming aggregator, has suffered two flash loan attacks costing users $1.26 million.
- The attacks occurred on ApeRocket's Binance Smart Chain and its Polygon fork within a few hours of each other on Wednesday, according to a blog announcement.
- The two exploits were carried out in Aave and PancakeSwap and amounted to a combined $1.26 million.
- In both cases, substantial funds were borrowed in AAVE and CAKE, meaning the hacker held over 99% of the funds in the two protocol's vaults. Large amounts of money were then sent to the vault contract leading to the minting of a high number of tokens, which the hacker then dumped.
- The price of ApeRocket's SPACE token crashed by around 63% as a result. No further SPACE tokens will be minted in the meantime while ApeRocket sets about compensating investors for the incident.