DeFi Platform Cream Finance Lost $29 Million Due to Hacking

Aug 31, 2021

DeFi Platform Cream Finance Lost $29 Million Due to Hacking

A hack of Cream Finance, a defi borrowing and lending protocol, resulted in the loss of more than $29 million from its vaults. The attacker took advantage of a loophole in the implementation for adding the amp token to the protocol. This is the second time that the platform has been hacked. Cream lost $37.5 million in the first hack, which occurred in February.

Cream Protocol Suffers Hack

Cream protocol, a decentralized lending and borrowing platform that operates on four distinct chains (Ethereum, BSC, Polygon, and Fantom), was hacked on Monday, resulting in the theft of $29 million in various cryptocurrencies. The attacker took advantage of a flaw in the protocol created by the addition of the amp token. According to Peckshield, a blockchain security and data analytics firm, the hack was carried out in a single transaction, using a reentrancy flaw in the amp currency's code.

The hacker was able to re-borrow assets throughout the transfer without having to update the original borrow. The hacker was able to obtain 418,311,571 amp (valued $25.1 million) and 1,308.09 ethereum (worth $4.15 million) by repeating the vulnerability 17 times. Prior to the introduction of the amp token, the platform has been examined by Trails Of Bits, a cybersecurity research and consulting organization.

Cream announced that it has put a stop to the exploit by halting supply and borrowing on amp. The procedure also said that no other markets were impacted and that a post-mortem report will be released at a later time.

Not the First Time

This isn't the first time Cream's website has been hacked. A breach on the site occurred less than six months ago, allowing the attacker to withdraw $37.5 million. Using an unpublished version of an Alpha Finance contract, another defi protocol, the hack took advantage of a rounding miscalculation in the code as well as a whitelisting function. After seizing the money, the attacker transferred them to Tornado.cash, an Ethereum protocol that allows for private transactions.

Fortunately, no user money was compromised in the initial breach. However, it demonstrates that the DeFi ecosystem is extremely complicated, and that even minor protocol changes (such as introducing a currency or whitelisting another platform) can have a significant influence on future security.

Subscribe Our Newsletter

Google AI News and AI Trends in 2024

Nato

Google AI News: Bard Rebranded as Gemini

Google AI news about rebranding its Bard chatbot to Gemini, with the launch of Gemini Ultra 1.0, its most powerful generative AI model, made today’s headlines.

AI
GameStop Reports a Surprise Loss. ‘We Have Learned From the Mistakes of the Past Decade.’
GameStop Reports a Surprise Loss. ‘We Have Learned From the Mistakes of the Past Decade.’

GameStop also shared an update on their foray into the non-fungible token arena on Thursday. It now intends to launch its NFT marketplace by the end of fiscal 2022's second quarter.

Stocks
Get the ultimate solution: B2BinPay Get the ultimate solution: B2BinPay
Sponsored
Constantine

How to Start a Brokerage Firm in 2024?
Learn how to start a brokerage firm in 2024, covering legal steps, business models, technology, and compliance to build a successful and reliable company.

discover
statement of cash flows explained

Alexander

Understanding Cash Flow Statement: How Can You Interpret It?

Learn the basics of a cash flow statement and how they can provide valuable insights into a business's financial health.

Fintech
Contact us bg

Contact Us

Contact the Liquidity Provider
for any questions and advertising inquiries

    Please fill out this contact form to get in touch with us

    / 3000

    By clicking “Get in touch” button, you agree to the privacy policy

    Successful!
    Thank you for your request.
    We will contact you shortly.
    Close

    Alexander

    What Is COTI? Payments, Token & Price Prediction

    What is a COTI coin

    Constantine

    Best Copy Trading Software in 2025

    Best Copy Trading Software in 2025

    Alex

    What Is an AI Agent? The Future of Finance Explained

    AI Agent Explained

    Constantine

    How to Start a Liquidity Provider Business?

    How to Start a Liquidity Provider Business

    Constantine

    How to Start a White Label Brokerage?

    How to start a white label brokerage

    Constantine

    How to Start a Multi-Asset Brokerage?

    How to Start a Multi-Asset Brokerage

    Hazem

    Crypto Ransomware – How They Happen and How to Avoid Them

    Crypto ransomware explained

    Constantine

    Best Web3 Browsers in 2025

    Best Web3 Browsers

    Constantine

    Best DAO Projects in 2025

    Best DAO projects in 2025

    Alexander

    Crypto Nodes That Pay: Your 2025 Guide to Top Passive Income Opportunities in Crypto

    crypto nodes that pay

    Alex

    Pi Network: Scam or Groundbreaking Crypto? The Full Analysis

    Pi Network Explained

    Constantine

    Triple Net Lease: Meaning, Benefits, and Strategies Explained

    Triple Net Lease

    Constantine

    Hanging Man Pattern: How to Identify and Trade It Effectively

    Hanging Man Pattern

    Alex

    5 Infinite Banking Mistakes That Could Cost You Thousands

    Infinite Banking Mistakes to Avoid

    Aleksander

    Solana Firedancer: Solving Solana’s Biggest Problems with a New Engine

    Solana Firedancer explained

    Alexander

    What Is an Interest Coverage Ratio? How to Use This Financial Metric to Evaluate Company Health

    Interest Coverage Ratio Explained

    Hazem

    After-Hours Trading: Can You Trade After Financial Markets Close?

    After-Hours Trading Explained

    Alexander

    How to Scale a Crypto Exchange Business and Stay Competitive

    how to scale crypto exchange business

    Constantine

    Crypto CrypticStreet Review: The Future of DeFi and Secure Crypto Trading

    Crypto CrypticStreet Review: The Future of DeFi and Secure Crypto Trading

    Alexander

    Bitcoin Power Law Explained: How It Shapes BTC’s Long-Term Growth

    Bitcoin Power Law Explained: How It Shapes BTC’s Long-Term Growth

    Hazem

    Megaphone Pattern​: What Is It? How to Use It In Trading

    Megaphone Pattern​: How to Read & Trade with It

    Constantine

    Top 5 Liquidity Bridge Providers in DeFi

    Top 5 Liquidity Bridge Providers in DeFi

    Hazem

    Max Funded IUL Explained: Is It a Legitimate Financial Strategy?

    Understanding Max Funded IUL

    Alexander

    Tax Refund Timeline: When Will You Get Your Tax Return?

    how long does it take for tax refund
    liquidity-provider-logo
    • News
      • Stock Market Forecast
      • Stocks
      • Banks and Finance
      • Companies
      • Crypto
      • Forex
      • AI
      • Technology
      • DeFi
      • NFT
    • Articles
      • Crypto Payments
      • Trading
      • Crypto Exchange Business
      • Forex Business
      • Fintech
      • Liquidity
      • FinTech Awards
      • Blockchain
      • Investing
      • NFT
      • DeFi
    • More
      • Videos
      • Liquidity Providers List
      • Crypto Payment Providers
      • White Label Brokerage Platforms
      • Broker CRM Platforms
    [email protected]

    © 2024 Liquidity Provider. All Rights Reserved

    Privacy Policy Cookie Policy
    This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.