Lossless also plans to ship a security tool that will reportedly aid DeFi projects in preventing hacks and exploits on their platforms.
Cream Finance will integrate with Polkadot blockchain using Moonbeam
Kusama and Polkadot users will be able to use Cream’s services to deposit digital assets as collateral or lend them out.
Cream Finance Plans To Repay The Stolen Funds To Its Users
Cream Finance is a decentralized finance protocol to repay users for the flash loan hack on its platform. The hack of nearly $19 million occurred on Aug 30, 2021.
Cream Finance puts news of a post-mortem to the massive exploitation of the AMP flash loan. The protocol promises to repay the stolen Amp (AMP) and Ether (ETH) coins.
It plans on footing its promise by allocating 20% of all the protocol fees until the debt is fully paid. Furthermore, the protocol will post collateral with the pertinent parties at AMP. It will also involve the Flexa digital payments network, the creators, for the security of the debt.
From the post-mortem report, this recent flash loan hack stands for Crean Finance’s first time to face direct hacking.
Related Reading | Former DigitalX Executive Appointed As The New Binance Australia CEO
This mishap caused the loss of about 2,800 ETH and 462 million AMP coins. Through the assistance of PeckShield, a blockchain security company, Cream Finance discovered the major cause of the hack.
The protocol uncovered that there’s an error in its means of AMP integration. Cream confirmed that though the situation is disappointing and unfortunate, it will solely bear the responsibility for its error.
Cream Finance Is Inspecting The Hack
Besides the massive exploit on its platform, Cream Finance has found a similar attack. However, this smaller move comes from an address with a history of transactions on the Binance crypto exchange. Binance is currently working together with Cream Finance to fish out this second attacker.
Cream revealed that it would cooperate with the necessary authorities to track the perpetrator. Furthermore, it will work with law enforcement bodies to prosecute the attacker using the full weight of the law.
Also, the hacked protocol will part with a 10% bug bounty to the attacker where they are ready to return the stolen assets.
Additionally, Cream appealed for public assistance in identifying the perpetrator or providing relevant information for his arrest and prosecution. The protocol pledged a ransom of 50% of returned funds for such assistance.
As recently notified, on August 30, Cream stopped supply and borrow contracts on AMP. This move closes the exploit that gave the attacker access to about $19 million worth of ETH and AMP from assets reborrowing within 17 different transactions.
Related Reading | Visa Describes NFTs As Promising Means To Engage With The Fans
Following this recent huge exploitation, the prices of AMP and CREAM, the Cream’s native coin, have plummeted. The AMP value has suffered almost a 13% dip.
At the time of writing, CREAM is trading sideways | Source: CREAMUSD on TradingView.com
Furthermore, these affected coins now have continuous price dipping preceding the attack. For example, cream token CREAM has plummeted by 11% within the last seven days. The token now sells at $163.08 at the time of writing. AMP, being down also, is at $0.05275.
Featured image from Pixabay, chart from TradingView.com
Cream Finance Loses $25 Million To A Flash Loan Attack
PeckShield reported through a tweet of the new hack on Cream Finance. The blockchain security company said a flash loan attack on the decentralized finance lending and borrowing protocol.
#FlashLoanAlert https://t.co/JPW7e368qd
— PeckShield Inc. (@peckshield) August 30, 2021
PeckShield explained that the hacking came through a 500 Ethereum flash loan from the attacker. This was used to infiltrate a reentrancy bug in the smart contract of the Flex Network. Usually, flash loans being undercollateralized can be borrowed and repaid within a single transaction.
Related Reading | Cryptocurrency Firms In Switzerland To Offer Tokenized Products On Tezos
As a DeFi protocol for lending, Cream Finance allows users to earn interest from their deposited assets. Though Cream Finance is a fork of the Compound protocol, its operation is quite different from Compound or Aave. The platform has several more markets for some esoteric digital assets.
1/4 @CreamFinance was exploited in (one hack tx: https://t.co/JPW7e368qd), leading to the gain of ~$18.8M for the hacker.
— PeckShield Inc. (@peckshield) August 30, 2021
This attack on Cream Finance was exploitation involving 1,308 Ethereum and over 418 million AMP, the native token of Flexa Network. According to PechShield, the Ethereum records reveal that over $6 million were hacked at 5:44 UTC.
Cream Finance Becomes Another DeFi Protocol Hacked In 2021
Furthermore, the Cream Finance team members confirmed the authenticity of the hacking reporting. Then, reporting on Discord Channel, the project’s official channel, the members started working with PeckShield.
The team revealed that the hacking was on the CREAM v1 market on the Ethereum Blockchain. Furthermore, they mentioned that it’s through the reentrancy of the contract on the AMP token.
At the time of writing, AMP’s value has dipped by 15% within few hours to $0.05. Also, the value of Cream Finance’s native token, CREAM, plummeted by about 6%.
However, ETH is at $3, 190.46 showing a slight dipping within the last 24 hours. The total amount of the Crean Finance hacking is more than $25 million. The address of the hackers shows that they presently have about $18.8 million.
Amidst the hack, Cream Finance is down by 6% | Source: CREAMUSD on TradingView.com
The Cream Finance team has put a stop to any further loss. The team said that it now has a pause on AMP’s supply and borrow. It further acknowledged that the hack doesn’t affect any other market. Eason Wu, the protocol’s production Manger, disclosed this information on Discord.
Recall that earlier in the year; Cream Finance had a huge hack. The attack led to the loss of $37.5 million worth of digital assets. According to the report, the earlier hacking had a root cause from the exploitation of Alpha Finance.
Related Reading | Reports Show 45% Surge In Stock And Cryptocurrency Sign-Ups Across Rural Areas In India
Flash loans have remained one of the controversial features of decentralized finance. This’s because there’s no collateral needed for the loans, and hence, they are susceptible to hacks. This accounts for the recent attacks and hacks of flash loans.
A similar incident is a hack on the Bilaxy crypto exchange on August 28. The exchange had a huge hot wallet hack that compromised about 295 ERC-20 tokens. Also, a hack on Liquid on August 19 resulted in a loss of about $100 million.
Featured image from Pixabay, chart from TradingView.com
Phishing attack uses PancakeSwap and Cream domains to steal money
Two BSC-based projects have been attacked by replacing their websites with a malicious interface.
