Cream Finance Suffers $19M Hack In Flash Loan Attack

Decentralized Finance (DeFi) platforms have suffered major hacks over the past month, with a CipherTrace report indicating that the exploits have hit an all-time high. Another platform, Cream Finance, is now the latest victim of a $19 million exploit.

Cream Finance is one of the popular DeFi platforms that offers lending services. An unknown hacker has now exploited the network and gained access to around $18.8 million in a flash loan hack. The hacker used a reentrancy bug that they imprinted on the AMP token contract.

Further Exploits Blocked

Peckshield, a blockchain cybersecurity company, revealed the details of the hack. Cream Finance responded to news of the hack, stating that the platform had placed on hold all supply and borrow contracts related to the AMP token. This was done to prevent further exploits. The platform also added that none of the other contracts was affected.

According to the Peckshield report, the hackers exploited the AMP token contract by borrowing assets repeatedly during transfer. The hacker could reborrow before updating the first transfer, and he did this in 17 different transactions.

“The hacker makes a flashloan of 500 ETH and deposits the funds as collateral. Then the hacker borrows 19M $AMP and makes use of the reentrancy bug to reborrow 355 ETH inside $AMP token transfer. Then the hacker self-liquidates the borrow,” Peckshield illustrated.

The Peckshield report also revealed the hacker’s address, and the security firm added that they were monitoring the address to identify any transactions linked to the hacker’s address.

The AMP token is an Ethereum-based asset that is mainly used on Flexa, a digital payments network. The AMP token was launched in 2019 and uses an ERC1820 contract standard where any address can “register which interface it supports and which smart contract is responsible for its implementation.”

The attack had a detrimental effect on the values of the AMP token and the native token of Cream Finance. The two coins have dropped by 13% and 5%, respectively, in the past 24 hours. AMP is trading at $$0.05 at the time of writing, while Cream Finance is trading at $166, according to data from Coingecko.

DeFi Hacks on the Rise

Hacks on DeFi platforms have been on the rise, with a new hack happening almost every week. The recent attack on the AMP token contract is not the first to occur on Cream Finance.

In February, Alpha Homora, a DeFi product, was the victim of a $37 million exploit. The hack was done using Cream Finance’s Iron Bank protocol-to-protocol lending platform.

While hacks on decentralized platforms have been the highest, centralized platforms are also facing numerous exploits. On August 28, Bilaxy crypto exchange suffered a hack on its hot wallet that led to 295 ERC-20 tokens being attacked. Another popular exchange. Liquid also suffered an attack that led to a loss of around $100 million from the platform on August 19.

These hacks are happening at a critical time for the crypto sector, given that mass adoption is on the rise, and the regulatory landscape is evolving.

These hacks could stifle innovation in this sector caused by fear of investors losing their money or regulators cracking down on different players in the sector. However, many DeFi platforms have put measures in place that cushion investors in the event of these hacks.

Leave a Reply

Your email address will not be published.

Related Articles
Read More

Ukrainian Parliament Passes Law Legalizing Cryptocurrencies

Crypto adoption and recognition continue to boom globally. Ukraine has become the latest country to formulate strategies for the crypto market, proving that the market is finally getting attention. The Ukrainian parliament voted in favor of a law that will legalize and regulate digital currencies....
Read More

FCA Orders Closure Of Crypto ATMs In UK

Crypto ATMs Operating Illegally in the UKThe FCA recently issued a warning against crypto ATMs operating in the United Kingdom. According to a press release, operators looking to offer crypto ATM services have to register with the FCA and comply with money laundering regulations. At...