The bZx DeFi protocol was exploited for the second time via a flash loan attack, resulting in a $665,000 loss in ETH and raising concerns about DeFi security.

Executive Summary

The bZx decentralized finance (DeFi) protocol experienced its second flash loan attack within a week, resulting in a loss of 2,378 ETH, valued at approximately $665,840 at an ETH price of $280. This attack, which occurred on February 18, 2020, exploited an oracle vulnerability, further highlighting the security risks inherent in the nascent DeFi sector.

The Event in Detail

The attack leveraged a flash loan of 7,500 ETH on bZx. The attacker then traded 3,517 ETH for 940,000 sUSD (Synthetix USD) on the platform. Subsequently, 900 ETH was used to purchase additional sUSD on Kyber and Uniswap, artificially inflating its price to over 2.5 times the market rate. Using the inflated sUSD as collateral, the attacker borrowed 6,796 ETH from bZx, repaid the initial flash loan, and pocketed a profit of 2,378 ETH. This left bZx with an under-collateralized loan.

bZx relied on Kyber for its price feed, and the spiked sUSD/ETH price enabled the large ETH borrow. Although bZx had implemented an internal safety check to control the maximum spread from an unstable oracle, it proved insufficient to prevent the attack.
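The oracle weakness described above, as an added example (not code from bZx, Kyber or this article): a collateral valuation that compares the spot price with a time-weighted average price (TWAP) and rejects large deviations. The TWAP guard, the 10% threshold and the price history are assumptions constructed for illustration; only the 3,517 ETH, 940,000 sUSD and 2.5x figures come from the article.

```python
# Added example: constructed prices and an assumed guard, not bZx or Kyber code.
# Article figures: 3,517 ETH bought 940,000 sUSD; the pumped price was over 2.5x market.
NORMAL = 3517 / 940_000      # ETH per sUSD before the pump
SPIKED = NORMAL * 2.5        # single-venue spot price after the pump

# Constructed (price, seconds_in_force) observations from earlier blocks.
HISTORY = [(NORMAL, 600), (NORMAL * 1.01, 600), (NORMAL * 0.99, 600)]


class PriceDeviation(Exception):
    """Spot price is too far from the time-weighted reference."""


def twap(observations):
    """Time-weighted average price over (price, seconds_in_force) pairs."""
    total = sum(secs for _, secs in observations)
    if total <= 0:
        raise ValueError("no elapsed time in observations")
    return sum(price * secs for price, secs in observations) / total


def naive_value_eth(amount, spot):
    """Value collateral at whatever the spot feed reports right now."""
    return amount * spot


def guarded_value_eth(amount, spot, observations, max_dev=0.10):
    """Value collateral at min(spot, TWAP); reject if spot strays beyond max_dev."""
    ref = twap(observations)
    if abs(spot - ref) / ref > max_dev:
        raise PriceDeviation(f"spot {spot:.6f} vs TWAP {ref:.6f}")
    return amount * min(spot, ref)


def demo():
    # A price moved and read inside one transaction has been in force for
    # 0 seconds, so it carries no weight in the reference.
    with_spike = HISTORY + [(SPIKED, 0)]
    naive = naive_value_eth(940_000, SPIKED)
    try:
        guarded = guarded_value_eth(940_000, SPIKED, with_spike)
    except PriceDeviation:
        guarded = None
    return naive, guarded, guarded_value_eth(940_000, NORMAL, with_spike)


if __name__ == "__main__":
    print(demo())
```
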

Market Implications

The attack on bZx led to a significant decrease in total value locked (TVL) in the DeFi sector, which fell approximately $140 million from a peak of $1.2 billion on February 18, 2020. Losses in locked Ether totaled around 200,000 ETH, according to data from Defipulse.com. This incident underscores the potential for significant financial losses due to vulnerabilities in DeFi protocols and raises concerns about the security and stability of the sector.

Expert Commentary

Security experts have emphasized the need for DeFi protocols to go beyond smart contract audits and secure the full ecosystem. They encourage protocols to adopt Multi-Sig/MPC wallets and cold storage for key assets. Mitigating flash loan exploits with adaptive safeguards is also crucial. Furthermore, enhancing transparency and real-time monitoring is vital, as many off-chain attacks lack clear origins. The "Top 100 DeFi Hacks Report 2025" identifies missing or faulty input verification/validation as the most common vulnerability leading to direct contract exploitation, accounting for 34.6% of cases.

Broader Context

The bZx attacks are part of a broader trend of increasing security vulnerabilities in the DeFi sector. As decentralized exchanges (DEXs) and cross-chain protocols scale, operational risks have surged. In August 2025, $163 million was stolen across 16 exploits, a 15% monthly increase. DeFi protocols and cross-chain bridges account for 80% of total crypto losses this year. These incidents highlight the need for investors to weigh operational risk as rigorously as market risk and to prioritize protocols with robust security audits, transparent governance, and community-driven security initiatives.

> Decentralized systems must preserve openness, security, privacy, and censorship resistance, and never sacrifice them for convenience or growth. Emerging on-chain scheduling systems and modular automation frameworks are laying the groundwork for apps where execution logic isn't reactive but proactive and autonomous.