Cheese Bank: Flash loan + Uniswap LP spot oracle manipulation → inflated collateral value → drain via borrow()
Cheese Bank's lending protocol was drained of $3.3M when an attacker used a 21,000 ETH flash loan to inflate the WETH balance in a Uniswap pool, tricking the protocol's spot oracle into accepting massively overvalued LP tokens as collateral.
Summary #
Cheese Bank suffered a Lending / Money Market on 2020-11-06, resulting in a loss of approximately $3M.
What happened #
Cheese Bank's lending protocol was drained of $3.3M when an attacker used a 21,000 ETH flash loan to inflate the WETH balance in a Uniswap pool, tricking the protocol's spot oracle into accepting massively overvalued LP tokens as collateral.
Linked factors #
- RD-F-004 — causal : Audit count likely 0; floor display [via dashboard_risk_factors/Vulnerability in audited or unaudited code: Unaudited (likely)]
- RD-F-053 — causal : ★ Oracle source = spot DEX pool (no TWAP, no fallback) [via cross-hack: Factor 16: Single-Source VWAP / Thin-Liquidity Oracle Without Flash Swap Filtering]
- RD-F-055 — related : Underlying oracle pool depth (USD) [via cross-hack: Factor 16: Single-Source VWAP / Thin-Liquidity Oracle Without Flash Swap Filtering]
- RD-F-056 — related : Single-pool oracle (no medianization) [via cross-hack: Factor 16: Single-Source VWAP / Thin-Liquidity Oracle Without Flash Swap Filtering]
- RD-F-099 — illustrative : Oracle price deviation > X% from secondary source — RT signal would have fired [via realtime_signals/Oracle anomaly: Y — Uniswap CHEESE/ETH pool WETH balance spiked from normal to 20,000+ ETH within a single transaction, just before oracle refresh and borro...]
- RD-F-111 — causal : Team doxx status — pseudonymous-no-track-record class [via dashboard_risk_factors/Team anonymity: Unknown]