SVT tokens were attacked by flash loans, and the economic model loopholes of SVT transaction contracts were exploited. The attackers made approximately $400,000 in profit from repeated buying and selling operations. According to MistTrack analysis, the attacker's initial funds came from SwftSwap, and 1070 BNB has been transferred to Tornado Cash.

Flashloan Exploit Overview

Blockchain security firm Certik Alert reported a flashloan exploit on SVT tokens that resulted in a $400,000 loss. According to the report, the attacker took advantage of a vulnerable contract for SVT trading. Unsuspecting users fell victim to the attack and lost their funds as a result.

The exploit was made possible due to the trading contract's flawed economic model. The attacker used a pattern of repeated buy and sell operations to gain approximately $400,000 in profits.

About SVT Token

SVT was the native token of Solvent Protocol, a Solana-based decentralized finance (DeFi) platform that had ceased operations in May 2023. The protocol had given users until July 31st, 2023 to withdraw their assets and sell back their SVT tokens, as they would no longer offer any utility beyond that date.

The team had specifically asked community members to avoid SVT-related market liquidity pools on decentralized exchanges. Despite this warning, the token continued to see considerable trading activity on exchanges.

Market Activity

Data from CoinMarketCap showed that despite the defunct status of the project:

• The token added a price gain of 7.9% in the month prior to the attack
• It gained over 5% in the week before the attack
• It showed a 0.67% increase in the 24 hours preceding the report

These price movements, coupled with high volatility, suggested the token might have been subject to pump and dump schemes even before the flashloan exploit occurred.