On Wednesday Decentralized finance (DeFi) money market and lending platform Cream Finance which works on the Ethereum network has been hacked losing over $130 million worth of funds.

This is the third-time DeFi protocol that has been hacked. The attacker drained this amount through a large flash loan in a complex transaction that includes 68 different assets and cost more than 9 ETH in gas. This flash loan was first identified by Blockchain data analytics company PeckShield Inc. on Wednesday. The Compromised funds were mainly Cream liquidity provider tokens, along with Ethereum-based platform tokens. Cream Finance would be one of the largest latest exploits.

This attack leads to CREAM fluctuating by 28%. The chair of the Securities and Exchange Commission, Gary Gensler, is supporting greater consumer protection in the DeFi industry. He said, “There’s a lot of lending going on. There’s a lot of trading going on. And without protection, I fear that it’s going to end poorly,”. Now the hacker is mainly using Ren’s Bitcoin bridge to work on ‘wash’ the funds.

Other attacks DeFi protocol has suffered before

The hackers are targeting Cream Finance routinely. In February, in a flash loan attack, hackers drained off $37.5 million that fluctuating the rice by 30% within an hour. In August there was another attack where around $19 million was stolen. Amp cryptocurrency which is an Ethereum based token designed to collateralize digital payments on Flexa, has initiated a reentrancy bug that facilitated the attack. According to some sources as of September 16, a comprehensive list of DeFi attacks shows 63 exploits with the lost funds totaling roughly $1.2 billion. 

Indrani Bose

CBW - External Analyst

INDIA