SEI Flash Loan Exploit Drain $240K, Trust in Contract Tested

Key Highlights:

• An accidental transfer funded a flash loan exploit and drained about 1.96 million WSEI tokens worth $240,000.
• Weak contract checks allowed the attacker to borrow without repayment.
• The incident hurts trust and highlights security gaps on SEI.

A suspicious flash loan transaction on the SEI blockchain targeting synnax.fi was observed and reported by real-time blockchain security monitoring and alert platform BlockSec Phalcon today, January 9, 2026. According to the tweet, the attacker has borrowed 1.96 million WSEI tokens, worth $240,000, and did not repay the amount.

BlockSec Phalcon reports that the exploit was triggered by an accidental token transfer from address 0x9748…a714 to the synnax.fi contract just three blocks earlier. This mistake helped the attacker as it supplied the liquidity needed for them to execute the exploit.

A flash loan is a special type of blockchain loan that is borrowed and repaid within a single transaction. If the borrower fails to return the funds instantly, the transaction is considered to be a failed transaction.

Here, users can borrow large amounts of crypto tokens without collateral as long as the funds are repaid within the same blockchain transaction. Attackers misuse them to manipulate prices, exploit oracles, or drain weak contracts before the transaction completes.

In this case, an accidental token transfer added liquidity and bypassed safety checks, allowing the attacker to borrow without repayment. This can be due to weak validation, reentrancy flaws, or missing repayment enforcement in smart contracts.

Incident Breakdown

All of this began with TX1, where the address 0x9748…a714 accidently sent tokens straight to the synnax.fi contract. This mistake added extra funds to the contract which were then exploited in TX2 just three blocks later.

The attacker took a flash loan from the same contract, borrowing 1.96 million WSEI tokens worth around $240,000 at the same time as mentioned above, and did not repay the loan within the same transaction, and then drained the funds.

These transactions can be verified using the BlockSec explorer where TX1 and TX2 are publicly visible. Synnax.fi’s documentation also outlines its legacy contracts in detail.

The incident shows flash loans, which are meant to be used safely for instant trades and arbitrage, can turn dangerous when smart contracts do not have strong access controls or strict repayment checks in place.

Implications for SEI Ecosystem

SEI is built for fast trading, but this speed can also work against it as it can also make flash loan attacks more dangerous. Older Synnax.fi contracts may not have newer safety features that can take care of such misuse.

If you compare the amount of money that was lost in this attack to other DeFi hacks, it is negligible but for a younger ecosystem like SEI, this kind of exploit has the ability to hurt user trust and can also slow down its adoption on a larger scale.

Such situations can be avoided if protocols implement strict repayment checks and safety protocols, while users must double-check addresses before sending funds from their end.

Moreover, since this incident has been reported by BlockSec, the price of the token has also been affected. The price drop can also be attributed to the recent notice that was issued, where it urged users to migrate their USDC.n to the new native USDC before the SIP-3 upgrade creating a short-term sell pressure and lower liquidity.

At press time, the price of the token stands at $0.1223 with a dip of 0.79% in the last 24-hours as per CoinMarketCap.

Similar Incidents on SEI and Beyond

As of now, there have not been confirmed flash loan exploits on SEI caused by accidental token transfer like this one. However, across DeFi, flash loans have been used in many major hacks. High profile cases like Euler Finance, bZx, Cream Finance, and PancakeBunny show how attackers exploit pricing and liquidity weaknesses to drain funds, making flash loans a common tool in past DeFi attacks.

Also Read: Unleash Protocol Hack Drains $3.9M Via Multisig Exploit