DeFi Platform Cream Finance Lost $29 Million Due to Hacking

Aug 31, 2021

DeFi Platform Cream Finance Lost $29 Million Due to Hacking

A hack of Cream Finance, a defi borrowing and lending protocol, resulted in the loss of more than $29 million from its vaults. The attacker took advantage of a loophole in the implementation for adding the amp token to the protocol. This is the second time that the platform has been hacked. Cream lost $37.5 million in the first hack, which occurred in February.

Cream Protocol Suffers Hack

Cream protocol, a decentralized lending and borrowing platform that operates on four distinct chains (Ethereum, BSC, Polygon, and Fantom), was hacked on Monday, resulting in the theft of $29 million in various cryptocurrencies. The attacker took advantage of a flaw in the protocol created by the addition of the amp token. According to Peckshield, a blockchain security and data analytics firm, the hack was carried out in a single transaction, using a reentrancy flaw in the amp currency's code.

The hacker was able to re-borrow assets throughout the transfer without having to update the original borrow. The hacker was able to obtain 418,311,571 amp (valued $25.1 million) and 1,308.09 ethereum (worth $4.15 million) by repeating the vulnerability 17 times. Prior to the introduction of the amp token, the platform has been examined by Trails Of Bits, a cybersecurity research and consulting organization.

Cream announced that it has put a stop to the exploit by halting supply and borrowing on amp. The procedure also said that no other markets were impacted and that a post-mortem report will be released at a later time.

Not the First Time

This isn't the first time Cream's website has been hacked. A breach on the site occurred less than six months ago, allowing the attacker to withdraw $37.5 million. Using an unpublished version of an Alpha Finance contract, another defi protocol, the hack took advantage of a rounding miscalculation in the code as well as a whitelisting function. After seizing the money, the attacker transferred them to Tornado.cash, an Ethereum protocol that allows for private transactions.

Fortunately, no user money was compromised in the initial breach. However, it demonstrates that the DeFi ecosystem is extremely complicated, and that even minor protocol changes (such as introducing a currency or whitelisting another platform) can have a significant influence on future security.

Subscribe Our Newsletter

Coinbase and the SEC Are Facing Off. What’s at Stake
Coinbase and the SEC Are Facing Off. What’s at Stake

The industry has been grappling with the question of whether tokens should be classed as currencies, commodities, or securities. Some tokens, according to the SEC, most likely fit the definition of security. According to the SEC, Ripple – a payments network coin — is security, though Ripple Labs and the regulator are involved in a court dispute over this distinction.

Crypto
Morning Brief: From Inflation, Investment in Crypto to Taiwan Semiconductor Manufacturing
Morning Brief: From Inflation, Investment in Crypto to Taiwan Semiconductor Manufacturing

This week's inflation figures could either boost or derail the market's summer momentum. Investors will get the most recent indication of how swiftly prices are growing across the US economy from three upcoming releases: PPI, CPI, and unit employment costs.

Banks and Finance
B2BROKER Liquidity B2BROKER Liquidity
Sponsored
Constantine

What Are Index Funds, and How do you invest in them?
Learn what index funds are, what varieties they come in, what advantages they offer, and how to start investing from scratch and make your first profit.

discover
How to Choose the Best Crypto Payment Provider

Oliver

How to Choose the Best Crypto Payment Provider?

The cryptocurrency market is booming at an unprecedented rate. Currently, there are over 20,000 different kinds of cryptocurrencies being traded in the global crypto market. This significant growth has caught the attention of many businesses and entrepreneurs who are now looking for ways to implement cryptocurrency into their own activities and accept crypto payments.

Crypto Payments
Contact us bg

Contact Us

Contact the Liquidity Provider
for any questions and advertising inquiries

    Please fill out this contact form to get in touch with us

    / 3000

    By clicking “Get in touch” button, you agree to the privacy policy

    Successful!
    Thank you for your request.
    We will contact you shortly.
    Close

    Сonstantine

    How to Get a Crypto Exchange License?

    How to Get Crypto Exchange License

    Сonstantine

    Best Crypto to Buy Now: Guide for Investors

    Best Crypto To Buy Now

    Hazem

    Grok vs ChatGPT: What’s the Best AI Assistant You Need in 2025

    Grok vs ChatGPT

    Сonstantine

    How to Choose the Right Liquidity Provider for Your Brokerage

    How to Choose the Right Liquidity Provider for Your Brokerage

    Сonstantine

    Low-Latency Trading Defined: Speed, Strategy and Technology

    Low-Latency Trading Explained

    Hazem

    How Liquidity Depth Affects Slippage in High-Volume Trading

    Liquidity depth and slippage in trading

    Hazem

    What is FIX API Liquidity Connection and How Does it Power Institutional Trading?

    FIX API in institutional trading

    Сonstantine

    OTC Trading Strategies and Technologies to Succeed in Over-the-Counter Markets

    OTC Trading Strategies

    Alexander

    What is OTC Trading? A Complete Guide for 2025

    what is OTC

    Alexander

    Synthetic Futures: A Trader’s Guide to Replicating Positions with Options

    How to Trade Synthetic Futures

    Сonstantine

    Order Book Depth: What It Is And Why It Matters?

    Order Book Depth What It is And Why It Matters

    Alexander

    Spot vs Perpetual Futures: Which Is Right for You?

    Spot vs Perpetual Futures explained

    Hazem

    5 Reasons Traders Are Switching to Perpetual Futures

    5 Reasons to Switch to Perpetual Futures

    Constantine

    Top 3 Liquidity Challenges Facing New Exchanges and How to Solve Them

    Top 3 Liquidity Challenges Facing New Exchanges Today

    Constantine

    Financial Planning in the Cryptocurrency Era — Master Crypto and Digital Asset Strategies

    Financial Planning in the Cryptocurrency Era

    Hazem

    Best Platforms to Trade Perpetual Futures in 2025

    Best platforms to trade perpetual futures in 2025

    Alex

    Top 10 Fintech Website Development Agencies for 2025

    Best Fintech Website Development Agencies for 2025

    Сonstantine

    Internal vs External Range Liquidity In ICT Trading Explained

    Internal vs External Range Liquidity In ICT Trading

    Constantine

    Portfolio Backtesting — Tools, Metrics, and Methods Explained

    Portfolio Backtesting

    Сonstantine

    ICT Trading Explained: Smart Money Concepts, Tools and Setups

    ICT Trading Explained

    Сonstantine

    CFD Trading Strategies: A Practical Guide to Risk and Execution

    CFD Trading Strategies

    Alexander

    What is a Fair Value Gap? A Guide to Trading Market Imbalances

    What is Fair Value Gap

    Vitaliy

    Triangle Patterns in Trading: Mastering Ascending, Descending & Symmetrical Strategies for Maximum Profit

    Triangle Patterns in Trading: Ascending, Descending & Symmetrical Guide

    Alexander

    What Is COTI? Payments, Token & Price Prediction

    What is a COTI coin
    liquidity-provider-logo
    • News
      • Stock Market Forecast
      • Stocks
      • Banks and Finance
      • Companies
      • Crypto
      • Forex
      • AI
      • Technology
      • DeFi
      • NFT
    • Articles
      • Crypto Payments
      • Trading
      • Crypto Exchange Business
      • Forex Business
      • Fintech
      • Liquidity
      • FinTech Awards
      • Blockchain
      • Investing
      • NFT
      • DeFi
    • More
      • Videos
      • Liquidity Providers List
      • Crypto Payment Providers
      • White Label Brokerage Platforms
      • Broker CRM Platforms
    [email protected]

    © 2024 Liquidity Provider. All Rights Reserved

    Privacy Policy Cookie Policy
    This site is registered on wpml.org as a development site. Switch to a production site key to remove this banner.