Cream Finance Exploited in Flash Loan Attack Netting Over $100M
An attacker has gained over $130 million of assets in an exploit that appears to have drained Cream’s coffers.
Oct 27, 2021 at 9:06 p.m. UTC:format(webp)/cloudfront-us-east-1.images.arcpublishing.com/coindesk/ON5BZDH43ZHYPCVZDAGGDO3H3U.jpg)
Credit: Shutterstock
Decentralized finance (DeFi) money market and lending service C.R.E.A.M. Finance appears to have been the target of a devastating exploit Wednesday morning that drained over $260 million in funds, likely the second-largest exploit to date.
Cream’s official Twitter account acknowledged the attack in a Tweet:
Per DeFi Llama, the protocol has an additional $460 million in total value locked (TVL) across Binance Smart Chain, Polygon, Avalanche and Fantom. It is unclear if those funds are also at risk.
The funds appear to have been taken using a flash loan in a notably complex transaction that involved 68 different assets and cost over 9 ETH in gas. Of the $260 million lost, the attacker netted roughly $130 million in various cryptocurrencies, of which $40.6 million may be in illiquid crETH, a staked ETH derivative that may prove difficult for the attacker to sell.
The attacker is now working to “wash” the funds primarily using Ren’s Bitcoin bridge. As is often the case following exploits, individuals are now using Ethereum transactions to ask for donations.
A Cream representative did not respond to a request for comment by press time.
UPDATE (Oct. 27 16:07 UTC): Added TVL information, market size information, and new developments from attacker’s Ethereum address. Removed reference to Curve’s 3Pool as a mixer.
DISCLOSURE
Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
:format(webp)/www.coindesk.com/resizer/Bo8UKr6IBzjaiaVjgJkmSyYZGsE=/arc-photo-coindesk/arc2-prod/public/TNHTGH2HGNENTKBRGLAEORGCNE.jpg)
Andrew Thurman was a tech reporter at CoinDesk with a focus on DeFi.
Learn more about Consensus 2024, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.