Cream Finance, a major decentralized finance (DeFi) protocol focused on lending, has suffered a major hacker attack, allegedly stealing nearly $19 million from its platform.
The hack
The Chinese blockchain journalist Colin Wu has, in fact, reported that Cream Finance, a crypto mortgage lending platform, suffered a hacker attack and lost about $18 million worth of cryptocurrencies. Etherscan shows 17 transactions made by two attackers.
The platform shows that the hackers stole funds in Ether, AMP and Cream Ether wrapped. An unknown hacker allegedly managed to get in through a re-entry bug introduced by the Amp token, according to an investigation by blockchain security firm PeckShield.
This immediately led to a drop in the price of AMP by around 15% and CREAM by around 6%.
Cream Finance: this is the third attack in 2021 on the platform
Not more than a month ago, the protocol was exploited via Alpha Finance, netting the hackers $24 million. Experienced hackers used the Pancake Swap and Cream Finance domains to carry out a phishing attack.
According to reports, the two projects PancakeSwap and Cream Finance, which are deployed on the Binance Smart Chain, are exposing their users to phishing attacks. Users are then tricked into entering their private key on the website.
DeFi’s Alpha Homora product, on the other hand, suffered a $24 million hack in February, which exploited Cream’s Iron Bank protocol-to-protocol lending platform. PeckShield specified that the hacker exploited the Amp token by reborrowing assets during its transfer before updating the former to borrow in 17 separate transactions.
Cream Finance is among top 20 DeFi protocols
Since launching in July 2020, Cream has been an important part of the DeFi ecosystem. Their cooperation with Yearn Finance on the Iron Bank project has been a much-discussed project in the space.
Cream Finance is among the top 20 DeFi protocols with over $658 million in locked assets. The protocol was created as a fork of Compound and has attracted attention as it provides access to many other cryptocurrency markets.
Flash loans allow users to borrow and return funds for the same transactions and have become a very common vulnerability when it comes to exploiting the security of DeFi platforms.
While the DeFi ecosystem is seen as the real challenger to the existing centralized financial sector, nascent platforms are struggling with system bugs.
Record number of hacker attacks on DeFi platforms
A recently published CipherTrace report placed the total amount of DeFi funds lost at $474 million, which followed the $600 million attack on Poly Network.
But Poly Network‘s hackers returned most of the compromised funds.
The spectacular growth of decentralized finance (DeFi) continues to bring endless financial opportunities and dangers to cryptocurrency users. Approximately $120 million in assets were looted from DeFi platforms in 2020 alone, attracting the attention and imagination of the cryptocurrency industry.
DeFi has therefore become a key target for attacks. In the first seven months of the year, it accounted for 54% of the total crypto fraud volume compared to 3% for the whole of last year.
The post Cream Finance: $18 million stolen in hacker attack appeared first on The Cryptonomist.