- Cream Finance wallets have been drained of $117M in the past 24 hours after a flash loan attack.
- The protocol along with PancakeBunny, PancakeHunny, has a share in the $361 million stolen in DeFi hacks this year.
Decentralized lending protocol Cream Finance has once again suffered a flash loan attack, losing roughly $117 million in 24 hours.
Notably, a flash loan attack happens when cyber thieves borrow a large amount of cryptocurrency from flash loan lending protocols. The realized amount is used to manipulate the DeFi market for gains.
The malicious hack was first flagged by blockchain analytics firm PeckShield. Reportedly, hackers exploited a flash loan transaction to abuse a flaw in the smart contracts. Having gained access to certain protocol wallets, the attackers emptied them of CREAM tokens and various ERC-20 tokens.
Thereafter, the hackers moved $92 million worth of cryptocurrencies into one address and $23 million into a separate address. The hackers have since transferred these funds to other different wallets and swapped them via Uniswap and ParaSwap.
Cream Finance hit the third time
Resultantly, the price of CREAM has taken a 37 percent dive, moving from $152 to $111 in the last 24 hours according to our data.
So far this year, this is the third time that Cream Finance has suffered a cyberattack. In February, the protocol saw $37.5 million drained after hackers exploited a vulnerability in its flash credit technology. In August, the protocol lost $18.8 million after hackers introduced a reentrancy bug to the AMP token.
Read More: DeFi Lending platform CREAM Finance hit with $25 million flash loan attack
Ironically, just a few days ago, Yearn developers (Yearn Finance and Cream Finance merged in Nov. 2020) helped DeFi platform RoboVault from losing $50 million.
But the attacks on Cream Finance have not been isolated in the DeFi industry. In May, PancakeBunny DeFi protocol was drained of $45 million worth of crypto assets through a flash loan exploit. The attacker sold BUNNY tokens for BNB, deflating BUNNY’s price from $146 to just $6. The token is yet to recover from this shock, now trading at around $3 per hour data.
Side Notes
PancakeHunny, a similar project to PancakeBunny, also suffered a $1.9M attack similar to the attack on PancakeBunny. Others that have been the victim of hacks are Vee Finance, pNetwork, Poly Network, and Neko Network.
This year, DeFi hacks have accounted for 76 percent of all major hacks worldwide, according to security firm AtlasVPN. The report claims that fraudsters are attacking high-value contracts with fake projects. Additionally, a total of $361 million has been lost to DeFi hacks this year, compared to $129 million last year. If rag pulls are bundled together with DeFi hacks, then the total amount drained amounts to $0.5B for 2021 alone.
Nonetheless, DeFi protocols are witnessing increased appetite from the crypto community as shown by their total value locked (TVL). The TVL for Ethereum, the leading network in terms of DeFi protocols, has risen from $11 billion to $150 billion year-over-year.
Subscribe to our daily newsletter!
No spam, no lies, only insights. You can unsubscribe at any time.