Cream Finance Suffers $130 Million Hack

Oct 29, 2021 | Bitcoin News | 0 comments


Ethereum defi protocol Cream Finance suffered an exploit yesterday that allowed attackers to steal $130 million from its holdings. The news was first revealed by Peckshield, a blockchain analytics company that discovered a flash loan had exploited the platform. This is the third hack the protocol has suffered in its history, being exploited for $36 and $29 million before, respectively.

Cream Finance Hacked Yet Again

Cream Finance, an Ethereum-based lending and borrowing protocol, suffered an exploit that allowed the hackers to steal $130 million worth of ether and ERC-20 tokens. According to Slowmist, a blockchain security organization, the attack netted 2,760.22 ether and 60 tokens including HBTC, USDT, BUSD, and others. The attack was perpetrated in the form of a series of flash loans in a very unorthodox way, which has led some to think the hacker was an experienced defi developer.

Another blockchain security firm, Peckshield, broke the news, linking to the flash loan that caused the hack via Twitter. The firm supposed the attack was possible due to a bug in a price oracle. The Cream team quickly acknowledged the situation, informing users about the hack. They also stated:

With the help of friends from Yearn Finance and others in the community, we were able to identify the vulnerabilities and patch them. In the meantime, we’ve paused our v1 lending markets on Ethereum and we’re in the process of putting together a post-mortem review.

Suspicious Circumstances

The Cream Finance team has since been trying to communicate with the hackers, offering to give them 10% of all the tokens that were lost. This is a known strategy that has paid off for some protocols that have been exploited in the past. Still, no response has been received.

The exploit transaction carries an enigmatic message that seems to point in the direction of this being a directed action against the protocol. The message, that also mentioned other protocols, stated:

gÃTµ Baave lucky, iron bank lucky, cream not. ydev : incest bad, dont do.

This is not the first time that Cream has been exploited. The protocol has a rather bad record, having been exploited three times during this year. The first time, in February, the protocol’s Iron Bank lost $36 million in another flash loan attack. After that event, Cream Finance was hacked again in August, when an exploit caused losses of $29 million.

What do you think about Cream Finance’s last exploit and the strange circumstances that surround it? Tell us in the comments section below.

News Source from

Related Articles

Facebook (Meta) Removes It’s Ban Of Crypto Ads

Facebook (Meta) Removes It’s Ban Of Crypto Ads

Crypto advertising on social media has been a hot topic throughout the year. We’ve covered much of the back and forth both at Bitcoinist and over at our sister network NewsBTC over the years. A prime example of this occurred in recent months Google shifted their...

FTX.US adds support for Ethereum-based NFTs to its marketplace

FTX.US adds support for Ethereum-based NFTs to its marketplace

After hinting that this feature would come soon, the U.S.-based crypto exchange FTX.US now allows users to buy, sell and display Ethereum NFTs on its previously Solana-only non-fungible token (NFT) marketplace.  According to a tweet from the exchange, Wednesday marks...

Shiba Inu Grows 33% In One Day As Whales Load Up On SHIB

Shiba Inu Grows 33% In One Day As Whales Load Up On SHIB

Shiba Inu has been on the rebound since this week opened up for trading. The meme coin had not had the best of weeks as it had dipped to the $0.00003 range following the market crash. The dips have caused some to panic and question the viability of the cryptocurrency...

Pin It on Pinterest

Share This