On-chain data shows the $4.5 million was first transferred from the Kraken crypto exchange, before eventually arriving at an address purportedly owned by a scammer.
Crypto casino Stake reopens withdrawals just 5 hours after $41M hack
The online crypto casino reported unauthorized transactions from its hot wallets on Sept. 4 with blockchain security firms estimating at least $41 million pilfered from hackers.
Base project RocketSwap shares emergency plan following $865K exploit
RocketSwap Labs plans on reaching out to the exploiter on-chain, who stole an estimated $865,000 from the protocol on Aug. 14.
LeetSwap Halts Trading After $630K Drained From Liquidity Pairs
Coinbase’s Layer 2 blockchain has another problem on its hands.
Allbridge offers bounty to exploiter who stole $573K in flashloan attack
Allbridge offered a hacker who pilfered $573,000 from its platform a chance to come forward as a white hat and forgo any legal ramifications.
Euler hacker seemingly taking their chances, sends funds to crypto mixer
Before the move, the hacker apparently refunded at least one victim, leading to a slew of on-chain messages from other purported victims.
Bitcoin bulls’ desire for a trend reversal could be obliterated by this week’s $565M options expiry
Significant headwinds continue to batter BTC price, and this week’s options expiry is unlikely to provide any relief.
Wallet tied to Uranium Finance hacker reawakens after 647 days, shifting $3.3M
The hacker has other associated wallets that have also shifted funds to privacy networks such as Aztec.
Notorious Monkey Drainer crypto scammer says they’re ‘shutting down’
The scammer behind the crypto wallet draining kit even recommended an alternative and gave advice to budding cybercriminals.
Lendhub protocol exploiters spotted shifting $3.85M into Tornado Cash
Despite the sanctions on the crypto mixing service, the bad actors behind January’s biggest exploit have deposited millions worth of funds into Tornado Cash.
BingChatGPT ‘pump & dump’ tokens emerging by the dozens: PeckShield
Blockchain security firm PeckShield on Twitter said it has found dozens of pump-and-dump tokens purporting to be related to ChatGPT.
BonqDAO protocol suffers $120M loss after oracle hack
An oracle hack allowed the exploiter to manipulate the price of the AllianceBlock token, leading to an estimated $120 million loss, according to Peckshield.
Defrost v1 hacker reportedly returns funds as ‘exit scam’ allegations surface
“Merry Christmas guys. We got a lump of coal from Santa Claus,” wrote one user in response to the allegations and the incident.
‘Everything is fine’ — Gala Games calls for calm after fears of multi-billion dollar hack
Gala Games said the unusual activity of its pGALA token was actually part of efforts to safeguard it from potential attack.
Hacker bungles DeFi exploit: Leaves stolen $1M in contract set to self destruct
A hacker apparently so thrilled by a successful theft left behind over $1 million in a smart contract that was set to destruct, permanently ensuring the crypto could never be moved.
Cream Finance Loses $25 Million To A Flash Loan Attack
PeckShield reported through a tweet of the new hack on Cream Finance. The blockchain security company said a flash loan attack on the decentralized finance lending and borrowing protocol.
#FlashLoanAlert https://t.co/JPW7e368qd
— PeckShield Inc. (@peckshield) August 30, 2021
PeckShield explained that the hacking came through a 500 Ethereum flash loan from the attacker. This was used to infiltrate a reentrancy bug in the smart contract of the Flex Network. Usually, flash loans being undercollateralized can be borrowed and repaid within a single transaction.
Related Reading | Cryptocurrency Firms In Switzerland To Offer Tokenized Products On Tezos
As a DeFi protocol for lending, Cream Finance allows users to earn interest from their deposited assets. Though Cream Finance is a fork of the Compound protocol, its operation is quite different from Compound or Aave. The platform has several more markets for some esoteric digital assets.
1/4 @CreamFinance was exploited in (one hack tx: https://t.co/JPW7e368qd), leading to the gain of ~$18.8M for the hacker.
— PeckShield Inc. (@peckshield) August 30, 2021
This attack on Cream Finance was exploitation involving 1,308 Ethereum and over 418 million AMP, the native token of Flexa Network. According to PechShield, the Ethereum records reveal that over $6 million were hacked at 5:44 UTC.
Cream Finance Becomes Another DeFi Protocol Hacked In 2021
Furthermore, the Cream Finance team members confirmed the authenticity of the hacking reporting. Then, reporting on Discord Channel, the project’s official channel, the members started working with PeckShield.
The team revealed that the hacking was on the CREAM v1 market on the Ethereum Blockchain. Furthermore, they mentioned that it’s through the reentrancy of the contract on the AMP token.
At the time of writing, AMP’s value has dipped by 15% within few hours to $0.05. Also, the value of Cream Finance’s native token, CREAM, plummeted by about 6%.
However, ETH is at $3, 190.46 showing a slight dipping within the last 24 hours. The total amount of the Crean Finance hacking is more than $25 million. The address of the hackers shows that they presently have about $18.8 million.
Amidst the hack, Cream Finance is down by 6% | Source: CREAMUSD on TradingView.com
The Cream Finance team has put a stop to any further loss. The team said that it now has a pause on AMP’s supply and borrow. It further acknowledged that the hack doesn’t affect any other market. Eason Wu, the protocol’s production Manger, disclosed this information on Discord.
Recall that earlier in the year; Cream Finance had a huge hack. The attack led to the loss of $37.5 million worth of digital assets. According to the report, the earlier hacking had a root cause from the exploitation of Alpha Finance.
Related Reading | Reports Show 45% Surge In Stock And Cryptocurrency Sign-Ups Across Rural Areas In India
Flash loans have remained one of the controversial features of decentralized finance. This’s because there’s no collateral needed for the loans, and hence, they are susceptible to hacks. This accounts for the recent attacks and hacks of flash loans.
A similar incident is a hack on the Bilaxy crypto exchange on August 28. The exchange had a huge hot wallet hack that compromised about 295 ERC-20 tokens. Also, a hack on Liquid on August 19 resulted in a loss of about $100 million.
Featured image from Pixabay, chart from TradingView.com
$1.4B in ‘High-Risk’ Crypto Flowed Onto Exchanges in H1 2020, Analysis Firm Says
China-based blockchain analysis firm PeckShield tracked 100 million crypto addresses for its research.
Error or Plunder? Report Suggests FCoin Purposely Moved Customer Bitcoin Since 2019
A recent report from Silicon Valley-based Anchain AI wonders out loud whether funds were purposely pilfered by insiders, challenging FCoin’s official line claiming a data error was to blame.