An anonymous user took advantage of a vulnerability in the ApeCoin (CRYPTO: APE) airdrop process to exploit more than $800,000 worth of APE tokens.

What Happened: A transaction on Etherscan shared by Parsec founder Will Sheehan on Twitter Inc (NYSE:TWTR) revealed that an attacker used a flash loan attack to obtain 60,564 APE tokens.

Bored Ape NFTX vault atomically rinsed by an MEVor

buys vault token -> redeems entire pool -> claims airdrop of 60k APE -> re-supply’s the poolhttps://t.co/X83URmgyBK

— Will Sheehan (@wilburforce_) March 17, 2022

An analysis of the incident by CertiK revealed that the hacker orchestrated the attack by borrowing NFT 1060 from OpenSea and using it as the loan fee to flash loan 5.2 BAYC tokens from the NFTX Vault.

#CommunityAlert 

At 12:13:14 PM UTC, an attacker claimed a large amount of #APECOIN in the airdrop event by flashloan using $BYAC tokens to redeem for #BAYC NFTs.

The total profit of the attack is around ~ $820K (293 #ETH) pic.twitter.com/g5RIhQjGIB

— CertiK Alert (@CertiKAlert) March 17, 2022

See Also: DeFi Flash Loans Will Become The New Standard Of Financial Security | Opinion

The attacker then used the borrowed BAYC tokens to redeem BAYC NFTs and claim 60,564 ApeCoin tokens as a reward in the airdrop contract.

The hacker then sold the majority of these APE tokens for 293 Ethereum (CRYPTO: ETH) earning him a profit of around $820,000. He minted the BAYC NFTs to BAYC tokens in order to pay…