Elephant Money

Hacked

DeFi · ✝ 2022

Flash loans bent the price; the treasury paid.

Elephant Money was a DeFi protocol on BNB Chain offering a stablecoin and yield products. In April 2022 an attacker used flash loans to manipulate its internal pricing and drained roughly $22.2M from the protocol.

Peak: ~$22.2M stolen
Cause: Hacked
Year of death: 2022

☠️ Cause of death

The attacker took out flash loans to skew the protocol's price calculation, then minted and redeemed tokens at distorted values to extract funds.

📓 Lessons left behind

—Internal AMM prices are trivially flash-loan manipulable.
—Use time-weighted, external oracles for mint and redeem.
—Test economic logic against flash-loan-funded attackers.

🌱 The idea that survived

Flash-loan-resistant pricing

Reinforced using TWAP and external oracles instead of spot AMM prices.

#defi#flash-loan#oracle#bsc