How Flash Loan Attacks Work and How DeFi Protocols Are Fighting Back

Selene Marwood / Dec 3, 2025 / Crypto Security


Flash loan attacks aren’t science fiction. They’re happening right now - and they’re stealing millions in seconds. In March 2025, a single transaction drained $7 million from KiloEx. In April 2022, an attacker used a $1 billion flash loan to collapse Beanstalk Farms, wiping out $182 million in user funds. These aren’t random glitches. They’re precise, repeatable, and terrifyingly simple to execute - if you know where to look.

What Exactly Is a Flash Loan?

A flash loan is a loan with no collateral, no credit check, and no repayment schedule - only a single condition: it must be paid back before the blockchain transaction ends. That’s it. You borrow $10 million, swap it around, manipulate prices, and repay it all within the same block. If you fail? The whole transaction vanishes, like it never happened. The protocol doesn’t lose anything. You do.

This feature was built into AAVE to let traders arbitrage price differences across exchanges. But it’s also the perfect weapon. Because the loan is atomic - all-or-nothing - attackers can use it to break the rules of the system without leaving a trace. No one can freeze the funds. No one can stop it mid-transaction. It’s like hacking a bank vault by borrowing the key, opening it, stealing everything, and returning the key before the alarm even rings.

How Flash Loan Attacks Actually Work

Here’s the step-by-step playbook most attackers follow:

  1. Borrow: Attackers take out a massive flash loan - usually in ETH, USDC, or DAI - from a protocol like AAVE or Uniswap V3.
  2. Manipulate: They swap the borrowed token into another token on a decentralized exchange (DEX) with low liquidity. A $10 million swap in a $20 million pool can double or triple the token’s price instantly.
  3. Exploit: The attacker uses that inflated price as collateral on another DeFi protocol. If the protocol trusts the DEX’s price feed, it lets them borrow far more than they should - sometimes 10x or 20x the real value.
  4. Drain: They withdraw the fake collateral value, sell the real tokens, and pocket the difference.
  5. Repay: They return the original flash loan. The transaction closes. The attack is complete. The protocol’s smart contract doesn’t know anything’s wrong - because it never saw the manipulation. It only saw the final, repaid state.

This entire process happens in under 15 seconds. The blockchain doesn’t care about logic. It only cares about math. And if the math adds up - even if it’s built on lies - the system accepts it.

Why Oracle Manipulation Is the Biggest Weak Point

Most flash loan attacks succeed because DeFi protocols rely on price oracles - external data feeds that tell smart contracts what assets are worth. If a protocol uses only one DEX as its price source, it’s asking for trouble.

Take the PancakeBunny attack in 2021. Attackers borrowed $150 million in BNB, swapped it for BUNNY tokens on PancakeSwap, and spiked the price. Because PancakeBunny’s smart contract trusted only PancakeSwap’s price feed, it thought BUNNY was worth 10x more. They borrowed $200 million in BNB against that fake value, dumped BUNNY on the open market, and crashed the token. $200 million vanished.

The problem isn’t the flash loan. It’s the oracle. If a protocol uses a single source for its prices, it’s like trusting a single weather station to predict a hurricane. One bad reading, and the whole system fails.


Real Attacks, Real Losses

Flash loan attacks aren’t rare. They’re rising.

  • Beanstalk Farms (April 2022): $182 million lost. Attackers used a flash loan to gain control of governance votes and change the protocol’s rules to drain funds.
  • PancakeBunny (2021): $200 million stolen through price manipulation and fake collateral.
  • KiloEx (March 2025): $7 million lost in a flash loan exploit targeting a leveraged trading platform.
  • 2025 Totals: Over $1.7 billion lost to crypto hacks so far this year - flash loan attacks are now responsible for nearly 30% of all DeFi losses.

These aren’t one-off events. They’re part of a pattern. Attackers are getting smarter. They’re targeting governance tokens, yield aggregators, and even insurance protocols. The playbook keeps evolving.

How Protocols Are Fighting Back

The good news? Defenses are catching up.

Time-Weighted Average Pricing (TWAP) is becoming standard. Instead of trusting a single price point, protocols now average prices over minutes or hours. A $10 million swap won’t move the needle if the system looks at the last 100 blocks.

Multi-oracle systems are replacing single-source feeds. Oracle networks like Chainlink and Pyth Network pull data from dozens of exchanges and aggregate it. If one feed gets manipulated, the others act as checks.

Circuit breakers are being added. If a token’s price jumps 20% in one block, trading pauses. It’s not perfect - it slows things down - but it stops the most obvious attacks.
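The three defenses above (TWAP, multi-oracle aggregation, circuit breakers) are easiest to see side by side in a toy model. The following is an added example, not code from the article or from any of the protocols it names. It models a Uniswap-V2-style constant-product pool with the cumulative-price accumulator that TWAP oracles read, then runs the article's "$10 million swap into a $20 million pool" through a spot oracle, a TWAP oracle, a three-feed median and a 20% circuit breaker. The pool reserves, the two extra feed values, the loan-to-value ratio and the block numbers are all constructed for the illustration.

```python
"""Added example (not from the article): comparing oracle designs under a
single-block price spike.  Reserves, block numbers and feed values are
constructed for illustration."""
from statistics import median


class ConstantProductPool:
    """Minimal x*y=k pool with a cumulative-price accumulator.

    Uniswap V2 stores sum(spot_price * blocks_elapsed); a TWAP oracle takes
    two snapshots of that sum and divides the difference by the block span.
    """

    def __init__(self, reserve_quote, reserve_base, block):
        self.x = float(reserve_quote)   # quote asset, e.g. USDC
        self.y = float(reserve_base)    # base asset, e.g. TOKEN
        self.last_block = block
        self.cumulative = 0.0           # sum of spot * blocks since last update

    def spot(self):
        """Instantaneous price in quote per base token."""
        return self.x / self.y

    def _accumulate(self, block):
        # The price credited to the elapsed blocks is the one that held BEFORE
        # this update, so a trade can never credit its own price to past blocks.
        self.cumulative += self.spot() * (block - self.last_block)
        self.last_block = block

    def swap_quote_in(self, amount, block):
        """Sell `amount` of quote for base at constant product (no fee)."""
        self._accumulate(block)
        k = self.x * self.y
        self.x += amount
        self.y = k / self.x

    def snapshot(self, block):
        """Return (cumulative_price, block) as a TWAP oracle would store it."""
        self._accumulate(block)
        return self.cumulative, block


def twap(snap_before, snap_after):
    """Time-weighted average price between two accumulator snapshots."""
    (c0, b0), (c1, b1) = snap_before, snap_after
    return (c1 - c0) / (b1 - b0)


def circuit_breaker(prev_price, new_price, max_move=0.20):
    """True if the one-block move exceeds max_move (20% in the article)."""
    return abs(new_price - prev_price) / prev_price > max_move


def max_borrow(collateral_units, price, ltv):
    """How much a lender extends against collateral valued at `price`."""
    return collateral_units * price * ltv


def run_scenario():
    # Constructed pool: $10M USDC against 10M TOKEN, so TOKEN = $1 at block 0.
    pool = ConstantProductPool(10_000_000, 10_000_000, block=0)
    snap0 = pool.snapshot(0)               # oracle checkpoint 100 blocks earlier
    price_before = pool.spot()             # 1.0

    # The article's $10M swap, landing in block 100.
    pool.swap_quote_in(10_000_000, block=100)
    spot_now = pool.spot()                 # 4.0: spot price quadruples

    snap_now = pool.snapshot(100)
    twap_now = twap(snap0, snap_now)       # 1.0: same-block trade never enters TWAP
    twap_next = twap(snap0, pool.snapshot(101))  # ~1.03 even if it lasted a block

    # Constructed independent feeds: only the manipulated DEX reports 4.0.
    feeds = {"dex_spot": spot_now, "feed_b": 1.01, "feed_c": 0.99}

    return {
        "spot": spot_now,
        "twap_same_block": twap_now,
        "twap_next_block": twap_next,
        "median_feed": median(feeds.values()),
        "breaker_tripped": circuit_breaker(price_before, spot_now),
        # Borrowing power of 1M TOKEN at 75% LTV under each oracle (constructed).
        "borrow_against_spot": max_borrow(1_000_000, spot_now, 0.75),
        "borrow_against_twap": max_borrow(1_000_000, twap_now, 0.75),
    }


if __name__ == "__main__":
    for key, value in run_scenario().items():
        print(f"{key:>22}: {value}")
```

The point the numbers make: the same swap that quadruples the spot price leaves the TWAP at exactly 1.0 in the attack block, because the accumulator only credits a price to blocks it actually persisted through, and a flash-loan-funded spike persists through none. The median of three feeds ignores the single manipulated source, and the breaker would have halted trading on a 300% one-block move long before a 20% threshold. The borrowing-power line shows why the oracle choice matters to a lender: the spot oracle would lend four times what the TWAP oracle allows against identical collateral.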

Code audits are no longer optional. Protocols like AAVE, Compound, and Curve now spend months auditing contracts before launch. They test for reentrancy, missing access controls, and logic flaws that attackers can exploit.

And then there’s on-chain monitoring. Tools from Amberdata and SlowMist now track unusual transaction patterns in real time. If a wallet borrows $50 million, swaps it all in one block, and repays - the system flags it. Some protocols now require manual approval for transactions over $1 million.
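The monitoring rule described above (a wallet borrows a large sum, swaps it all, and repays within one transaction) can be written as a scan over per-transaction event traces. The following is an added example, not code from Amberdata, SlowMist or the article; it assumes an indexer that exposes one JSON line per event with a transaction hash, block, sender, event name and USD value (a constructed schema), and the thresholds are the article's $50 million and $1 million figures. All transactions and addresses in the sample are constructed.

```python
"""Added example (not from the article): flagging flash-loan cycles and
large transactions from a constructed per-event transaction trace."""
import json
from collections import defaultdict

# Constructed sample trace, one line per event emitted inside a transaction.
# 0xa1: large flash loan, swapped in full, borrow elsewhere, repaid.
# 0xb2: small flash-loan arbitrage, swapped and repaid.
# 0xc3: an ordinary deposit.
SAMPLE_EVENTS = """\
{"tx": "0xa1", "block": 100, "from": "0xWalletA", "event": "FlashLoan", "amount_usd": 50000000}
{"tx": "0xa1", "block": 100, "from": "0xWalletA", "event": "Swap", "amount_usd": 50000000}
{"tx": "0xa1", "block": 100, "from": "0xWalletA", "event": "Borrow", "amount_usd": 20000000}
{"tx": "0xa1", "block": 100, "from": "0xWalletA", "event": "FlashLoanRepaid", "amount_usd": 50045000}
{"tx": "0xb2", "block": 100, "from": "0xWalletB", "event": "FlashLoan", "amount_usd": 2000000}
{"tx": "0xb2", "block": 100, "from": "0xWalletB", "event": "Swap", "amount_usd": 2000000}
{"tx": "0xb2", "block": 100, "from": "0xWalletB", "event": "FlashLoanRepaid", "amount_usd": 2001800}
{"tx": "0xc3", "block": 101, "from": "0xWalletC", "event": "Deposit", "amount_usd": 5000}
"""

FLASH_CYCLE_USD = 50_000_000      # the "$50 million" figure from the article
MANUAL_APPROVAL_USD = 1_000_000   # the "$1 million" figure from the article


def parse_events(text):
    """One JSON object per non-empty line."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def group_by_tx(events):
    """Everything a rule needs is inside a single transaction."""
    by_tx = defaultdict(list)
    for ev in events:
        by_tx[ev["tx"]].append(ev)
    return by_tx


def flash_cycle_alert(tx_events):
    """Flash borrow -> swap (most of it) -> repay in one tx, above threshold."""
    loans = [e["amount_usd"] for e in tx_events if e["event"] == "FlashLoan"]
    repaid = any(e["event"] == "FlashLoanRepaid" for e in tx_events)
    swapped = sum(e["amount_usd"] for e in tx_events if e["event"] == "Swap")
    if not loans or not repaid:
        return None
    borrowed = sum(loans)
    if borrowed >= FLASH_CYCLE_USD and swapped >= 0.9 * borrowed:
        return {"rule": "flash-loan-cycle",
                "borrowed_usd": borrowed, "swapped_usd": swapped}
    return None


def manual_approval_alert(tx_events):
    """Any single leg above the manual-approval threshold gets held for review."""
    largest = max((e["amount_usd"] for e in tx_events), default=0)
    if largest > MANUAL_APPROVAL_USD:
        return {"rule": "manual-approval-required", "largest_leg_usd": largest}
    return None


def scan(text):
    """Return {tx_hash: [alerts]} for every transaction that trips a rule."""
    findings = {}
    for tx, evs in group_by_tx(parse_events(text)).items():
        hits = [a for a in (flash_cycle_alert(evs), manual_approval_alert(evs)) if a]
        if hits:
            findings[tx] = hits
    return findings


if __name__ == "__main__":
    for tx, alerts in scan(SAMPLE_EVENTS).items():
        print(tx, alerts)
```

The two rules are deliberately separate. The flash-loan-cycle rule is a pattern match on the sequence the article describes and only fires at the $50 million scale; the small arbitrage in 0xb2 is exactly the legitimate use the article mentions, so it is not flagged as an attack, but its $2 million leg still crosses the manual-approval line. Because the whole attack completes inside one transaction, a scan like this can only observe it once the block is produced, which is why the article pairs monitoring with oracle hardening rather than relying on it alone.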


What You Can Do as a User

If you’re lending, staking, or providing liquidity:

  • Avoid protocols that use a single price oracle. If it only pulls data from one DEX, walk away.
  • Check for TWAP or multi-source pricing. Look for mentions of “Chainlink,” “Pyth,” or “time-weighted average” in the docs.
  • Don’t trust high APYs. If a protocol offers 100%+ returns, it’s likely hiding a vulnerability. High yield = high risk.
  • Use insurance protocols. Cover your position with Nexus Mutual or Unicrypt. They don’t cover everything, but they help.

The biggest mistake users make? Thinking DeFi is “trustless” means it’s safe. It’s not. It’s automated. And automation doesn’t mean intelligence. It just means speed.

The Future of Flash Loan Attacks

Attackers aren’t slowing down. They’re using AI to find new vulnerabilities. Some are even testing attacks on testnets first, refining their scripts before hitting mainnet.

New attack vectors are emerging. One recent exploit targeted cross-chain bridges using flash loans to manipulate token valuations across chains. Another used flash loans to flood governance votes with fake tokens - not to steal money, but to change protocol rules permanently.

Regulators are starting to pay attention. The EU’s MiCA framework and the U.S. Treasury’s crypto task force are now including flash loan risks in their guidelines. But regulation moves slowly. Innovation moves fast.

The only real solution? Better code. Better data. Better design.

DeFi was meant to be open, fair, and transparent. Flash loan attacks are the dark side of that openness. They exploit the very thing that makes DeFi powerful - its automation - to break it.

The fight isn’t over. But now, at least, defenders are learning how to play the game.

Can flash loans be used for anything good?

Yes. Flash loans were originally designed for legitimate arbitrage - buying a token cheap on one exchange and selling it higher on another. Traders still use them to correct price gaps between DEXs, which helps keep markets efficient. The problem isn’t the tool - it’s how attackers abuse it. The same mechanism that helps markets stay fair can be weaponized to break them.

Are flash loan attacks only possible on Ethereum?

No. While Ethereum was the first to support flash loans, they now work on any blockchain with compatible smart contracts - including BNB Chain, Polygon, Arbitrum, and Solana. The attack method is the same regardless of the chain. The only differences are the gas fees and the liquidity available. Attackers often target chains whose protocols have had fewer security audits and whose liquidity pools are thinner.

Can I get hacked just by using a DeFi app?

Not directly. You won’t get hacked just by connecting your wallet. Flash loan attacks target the protocol’s code, not individual users. But if a protocol you’re using gets exploited, your funds can be drained - even if you didn’t do anything wrong. That’s why it’s critical to only use well-audited protocols with multi-oracle pricing and proven track records.

Why don’t exchanges block these attacks?

Because they can’t. Flash loan attacks happen inside a single blockchain transaction. Exchanges don’t control that. They can’t see the attack until it’s already over. By the time the price drops, the attacker has already cashed out. The blockchain doesn’t have an “undo” button. Once the transaction is confirmed, it’s final - even if it was built on fraud.

What’s the difference between a flash loan attack and a rug pull?

A rug pull is when developers abandon a project and steal all the liquidity. A flash loan attack is when an outsider exploits a vulnerability in a live, legitimate protocol. The project isn’t fake - it’s just broken. The attacker doesn’t need to trick users. They just need to find a bug. That’s why flash loan attacks are harder to prevent - they don’t rely on deception. They rely on math.

3 Comments

  • alex bolduin

    December 3, 2025 AT 18:10

    It's wild how the system works perfectly if you follow the rules but collapses if you just exploit the gaps
    Like the universe doesn't care if you're cheating as long as the math adds up
    We built a machine that thinks in zeros and ones and now we're shocked when it doesn't understand morality

  • Vidyut Arcot

    December 4, 2025 AT 21:39

    Good breakdown. The real win here is TWAP and multi-oracle adoption - it's not flashy but it's what saves real money
    Protocols that ignore this are just asking to be the next headline

  • Jay Weldy

    December 6, 2025 AT 14:11

    It's kind of beautiful in a terrifying way - the system is so transparent, so open, that the only thing you can do is outthink the vulnerability
    Kinda like a chess game where the board is made of glass
