Cream Finance suffers another major flash loan attack
Months after losing $25 million to the cold hands of hackers, Cream Finance has suffered yet another major attack. On Wednesday, a malicious actor made away with over $100 million worth of funds in a fresh loan attack.
The attack was first discovered by blockchain data analytics company PeckShield. The majority of the stolen funds were Cream liquidity provider tokens, along with other Ethereum-based tokens.
#FlashLoanAlert https://t.co/XzAvHqoINN
— PeckShield Inc. (@peckshield) October 27, 2021
For clarity, in a flash loan attack, a malicious actor exploits vulnerable smart contracts in order to create arbitrage opportunities. This is done by flooding the contract with loaned tokens that usually results in a change in the relative value of a trading pair.
This is not the first time Cream Finance is the victim of a DeFi attack. According to BTC PEERS, the platform lost a whooping sum of $25 million in a flash loan attack back in August. It later resorted to repaying users with protocol fees after identifying the AMP integration error that caused the loss.
The protocol took to Twitter to alert its followers of the attack. However, the comments on the thread were filled with several angry responses that highlighted Cream’s poor track record when it comes to securing user assets.
We are investigating an exploit on C.R.E.A.M. v1 on Ethereum and will share updates as soon as they are available.
— Cream Finance 🍦 (@CreamdotFinance) October 27, 2021
According to a BTC PEERS report back in September, a database revealed that the total amount lost to DeFi exploits in the past 5 years was about $1.7 billion.
The latest attack on Cream Finance is currently one of the largest so far, and the value of Cream Finance’s CREAM token fell more than 26% after the news of the hack broke.
Check our guide of the most promising crypto
