Summer Finance Pauses Vaults After $65.4M Flash Loan Attack
Summer Finance paused all Lazy Summer Protocol vaults after an attacker used a $65.4 million flash loan to manipulate accounting and withdraw about $6 million.
On Monday, July 6, 2026, Summer Finance paused all Vaults in its Lazy Summer Protocol after on-chain monitors detected abnormal activity that indicated a flash loan attack.
Blockchain security analysis shows the attacker opened a $65.4 million flash loan and deposited roughly $64.8 million into the protocol’s vaults to change internal token valuations. The actor exploited a flaw in the Fleet Commander contract’s asset accounting logic, then redeemed about $70.9 million in assets and kept roughly $6 million after returning part of the flash loan.
A security firm traced the sequence as a multi-step operation that combined large deposits, swaps to move prices, and accounting abuse inside the vault system. The exploiter converted the proceeds into DAI stablecoins and moved funds to an attacker-controlled wallet.
In a statement, Summer Finance wrote: “We are aware of the reported exploit a little earlier today and are investigating the root cause. The protocol guardians are currently pausing all Vaults across the Lazy Summer Protocol. We will provide more updates as we have them.” The pause blocks further interactions with the affected vault logic while developers and auditors trace funds and confirm the attack vector.
Security firms described the attack as an infrastructure-level arbitrage manipulation that used a large flash loan to skew price information and internal vault calculations, then redeemed assets at the inflated valuations. Analysts said the transaction sequence included targeted deposits and swaps designed to affect on-chain price feeds before redemptions.
The loss adds to recorded DeFi thefts in 2026, which total about $840 million according to security trackers. Security experts advised users to revoke smart-contract approvals connected to the affected vaults, avoid responding to unverified communications, and consider moving assets from online wallets to offline cold storage until fixes are deployed.
Summer Finance’s core development team plans to produce a patch and publish a post-mortem after the investigation is complete. The incident follows several flash-loan attacks this year that exploited composable contracts and automated accounting mechanisms in decentralized finance.
The material on GNcrypto is intended solely for informational use and must not be regarded as financial advice. We make every effort to keep the content accurate and current, but we cannot warrant its precision, completeness, or reliability. GNcrypto does not take responsibility for any mistakes, omissions, or financial losses resulting from reliance on this information. Any actions you take based on this content are done at your own risk. Always conduct independent research and seek guidance from a qualified specialist. For further details, please review our Terms, Privacy Policy and Disclaimers.








