Solidity Attack Vector #6: Flash Loan Attacks

Flash loans allow users to borrow massive amounts of liquidity with no collateral, provided they pay it back in the same transaction.

The Exploit

Attackers use this capital to manipulate a low-liquidity price oracle, causing a DeFi protocol to 'miscalculate' a user's collateral value, allowing the attacker to drain the protocol's funds.

Defense

Use Time-Weighted Average Prices (TWAP) or decentralized oracles like Chainlink instead of simple spot prices.