Bitcoin
$66,643.58-0.28%
Ethereum
$3,236.21+0.86%
Binance Coin
$603.94+0.30%
Solana
$156.14-1.30%
XRP
$0.54489496-1.46%
Dogecoin
$0.16129019+0.45%
Toncoin
$5.73-4.84%
Cardano
$0.50095622-2.77%
Shiba Inu
$0.00002711+1.13%
Avalanche
$38.79-1.30%
Wrapped Bitcoin
$66,686.82-0.28%
Bitcoin Cash
$507.10-2.34%
PlayIconNav
Crypto Prices CoinDesk 20 Index CoinDesk 20 Index
Countdown to Consensus 2024The largest and longest running event that covers all sides of Crypto and Web 3
35
DAYS
09
HR
06
MIN
40
SEC
Finance

Cream to Return Stolen Funds Using Protocol Fees

The protocol said in excess of $33.5 million in ether and AMP was taken in the hack.

By Eliza Gkritsi
AccessTimeIconSep 1, 2021 at 9:06 a.m. UTC
Updated May 11, 2023 at 7:05 p.m. UTC
(Markus Spiske/Unsplash)
10 Years of Decentralizing the Future
May 29-31, 2024 - Austin, TexasThe biggest and most established global hub for everything crypto, blockchain and Web3.Register Now

Decentralized finance protocol Cream Finance said it will use protocol fees to repay users that lost money during Monday’s attack.

  • In a postmortem posted on Medium, the Cream Finance team said it is committing one-fifth of protocol fees until affected users have recovered all of their funds.
  • The protocol will post collateral with the AMP and Flexa teams until the debt is repaid. Affected users are invited to submit a request through a Google form.
  • Cream also revised its Monday estimate of the hack upwards. It said the hackers drained 462,079,976 AMP tokens and 2,804.96 ether, totaling upwards of $33.5 million.
  • This is the first time Cream was directly exploited, the post said, probably referring to another attack it suffered earlier this year.
  • The team has identified a main exploit and a copycat. The latter has withdrawal history on Binance, so Cream is working with the crypto exchange to identify the copycat. The two stole the funds over 17 transactions.
  • Cream is offering its usual bug bounty: If the hacker or hackers comes forward, they can keep 10% of the stolen funds.
  • The post confirmed earlier reports that the integration of ERC-777 AMP token contracts in the Cream protocol were the root cause.
  • While the AMP market integration took place in February, it was only five days before the attack that a big influx of AMP tokens on Cream made the account profitable, according to the blog post.
  • Cream said it will re-deploy AMP borrowing and lending once the vulnerability has been patched.
VolumeMuteUnmute

Over $67M in Crypto Lost to Hacks and Exploits in February: Immunefi Report

  • Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
    00:59
    Running With Crypto: 5 Questions With TRM Labs' Ari Redbord
  • Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
    09:43
    Hacks Involving North Korea Are 'Even Greater Problem': Legal Experts
  • Breaking Down the State of Hacking in 2024
    02:01
    Breaking Down the State of Hacking in 2024
  • Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs
    00:59
    Crypto Hack Volumes Fell by More Than 50% in 2023: TRM Labs

    • See also: The Poly Hack and Crypto’s Trust Issues

    Disclosure

    Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

    CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. In November 2023, CoinDesk was acquired by the Bullish group, owner of Bullish, a regulated, digital assets exchange. The Bullish group is majority-owned by Block.one; both companies have interests in a variety of blockchain and digital asset businesses and significant holdings of digital assets, including bitcoin. CoinDesk operates as an independent subsidiary with an editorial committee to protect journalistic independence. CoinDesk employees, including journalists, may receive options in the Bullish group as part of their compensation.

    Eliza Gkritsi
    Eliza Gkritsi

    Eliza Gkritsi is a CoinDesk contributor focused on the intersection of crypto and AI.

    Follow @egreechee on Twitter

    Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.

    Read more about
    CybersecurityHack