Flash loan attacks are DeFi (decentralized finance) exploits that target a smart contract created to allow the provision of flash loans to steal assets kept in a specific pool. In such attacks, the malicious actor opens a loan, utilizes the borrowed money to arbitrarily buy additional assets, and then swiftly repays the loan, keeping the remaining assets as their profit.
It's crucial to realize that because DeFi protocols are permissionless and controlled by smart contracts, this exposure can only occur within those protocols. While disintermediation has several advantages, such as cost savings and resistance to censorship, DeFi systems are vulnerable to such attacks since there is no third party monitoring the offering. The majority of flash loan attacks use lent funds to arbitrage assets from different DeFi protocols.