Bitcoin
$41,614.21-3.93%
Ethereum
$2,868.42-6.34%
XRP
$0.919817-3.59%
Cardano
$2.09-4.91%
Polkadot
$27.24-5.51%
Stellar
$0.261679-4.50%
Dogecoin
$0.198790-2.33%
Uniswap
$24.29+0.73%
Chainlink
$22.99-4.12%
Polygon
$1.07-4.76%
Algorand
$1.63-9.45%
Cosmos
$35.93-6.83%
Litecoin
$144.86-3.95%
Bitcoin Cash
$486.42-2.91%
Wrapped Bitcoin
$41,576.14-4.12%
The Graph
$0.645739-7.97%
Filecoin
$56.66-6.91%
Tron
$0.084773-4.25%
Ethereum Classic
$45.82-1.64%
Tezos
$6.03-5.26%
Aave
$266.80-8.23%
Monero
$230.42-3.44%
NEO
$37.18-4.40%
EOS
$3.78-4.56%
IOTA
$1.11-5.42%
BitTorrent
$0.003049-4.25%
Bitcoin SV
$127.86+0.09%
Waves
$23.77-1.67%
Maker
$2,296.81-3.03%
Dash
$152.96-4.48%
Decentraland
$0.644993-6.23%
Decred
$98.76-10.27%
ICON
$1.45-7.63%
OmiseGO
$9.35+4.13%
NEM
$0.138264-5.63%
Zcash
$104.21-4.76%
Paxos Standard
$0.990892+0.01%
Yearn Finance
$28,946.56-3.40%
NuCypher
$0.261170-5.26%
Ren
$0.981399-12.98%
Bitcoin Gold
$50.63-2.12%
Qtum
$9.03-5.67%
Basic Attention Token
$0.594000-6.31%
Fetch.ai
$0.729463-8.24%
0x
$0.829436-8.15%
Bancor
$3.34-5.23%
Kava.io
$5.32-10.70%
Band Protocol
$7.01-7.08%
Siacoin
$0.013939-6.55%
Nano
$4.19-6.07%
Loopring
$0.360948-5.12%
Numeraire
$41.08-1.49%
Storj
$1.00-7.60%
Civic
$0.402407-6.46%
Lisk
$2.69-3.64%
PAX Gold
$1,745.96-0.81%
Orchid
$0.298935-6.43%
Enzyme
$135.67-9.11%
Augur
$19.94-3.32%
Aragon
$4.24-7.56%
district0x
$0.141096-5.92%
Kyber Network
$1.38-5.99%
SingularDTV
$0.001223+3.15%
Tether
$1.00-0.05%
USD Coin
$1.00-0.03%
Dai
$1.00-0.07%

DeFi Protocol Cream Finance Hacked for Second Time This Year

The attacked drained just over $25 million of AMP tokens and ether.

Aug 30, 2021 at 8:08 a.m. UTC
Updated Aug 30, 2021 at 9:27 p.m. UTC

Cream Finance, a decentralized finance (DeFi) lending protocol, suffered its second flash loan attack this year, with the perpetrators draining more than $25 million.

  • The attack was first reported by PeckShield in a tweet early on Monday. The blockchain security firm pointed to Ethereum records showing at least $6 million were drained at 5:44 UTC.
  • Cream Finance later confirmed the hack in a tweet, adding that 418,311,571 AMP tokens and 1,308.09 ether had been stolen, bringing the total value of the hack to just over $25 million. PeckShield updated its estimate, saying the hacker siphoned off about $18.8 million.
  • The root cause of the incident was lending of AMP tokens, Cream Finance Product Manager Eason Wu said on Discord. Other assets on Cream are secure, he said.
  • AMP token contracts allowed for a reentrancy attack, the same type of exploit used in the infamous DAO hack.
  • Flash loan attacks take advantage of one of DeFi’s most controversial features: loans that do not require collateral.
  • Cream Finance lost $37 million in the attack earlier this year.

UPDATE (AUG. 30, 9:13 UTC): Updates value, adds details from Cream Finance tweet.

UPDATE (AUG. 30, 10:22 UTC) Adds updated estimate from PeckShield.

DISCLOSURE

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups.

Eliza Gkritsi is a CoinDesk news reporter based in Asia.

Loading...