Summary # On March 5th, WOOFi Swaps’ sPMM algorithm was exploited on the Arbitrum network. The attacker used a sequence of flash loans to manipulate the price of the WOO token due to low liquidity. The exploit occurred due to a combination of the sPMM algorithm vulnerability, incorrect price adjustment, and a failure in the fallback check mechanism. The attacker was able to use flash loans to manipulate the price of WOO and drain funds from the affected pool.
...
Summary # On January 2, 2024, Radiant Capital on the Arbitrum Chain suffered a $4.6 million loss from a sophisticated exploit, involving 1902 ETH, due to a smart contract vulnerability. The attack was orchestrated by utilizing flash loans to inflate the USDC reserve liquidity index on the platform artificially. This enabled the attacker to borrow excessive WETH against the artificially high collateral value. The situation was exacerbated by a rounding error within the contract’s calculations, allowing the attacker to manipulate deposit and withdrawal transactions cleverly.
...