Hackers Steal $130M From Ethereum-Based DeFi Protocol Cream Finance

Ethereum ETH/USD-based DeFi protocol Cream Finance CREAM/USD was exploited for $130 million by hackers on Wednesday.

What Happened: At around 10 a.m. Wednesday, blockchain security analytics firm PeckShield Inc reported the flash loan attack on decentralized lending platform Cream Finance.

At 11:30 a.m., Cream Finance reported it was “investigating an exploit,” later confirming that an attacker had stolen a total of $130 million in crypto tokens.

“This was one of the most sophisticated and cleanly executed DeFi attacks. The summary of the attack is that the attacker borrowed $1.5b of Yearn’s yUSD vault shares against $2b worth of collateral. They then doubled the value of the shares atomically by donating yUSD to the yearn vault. This meant that their debt on Cream became $3b against a $2b collateral. They can now default and take home a sweet $1b profit. Cream only had $130m assets available for lending, so the attacker was limited to $130m profits,” summarized blockchain security researcher Mudit Gupta in a blog.

The latest exploit is the third Cream has faced this year, and the third largest hack in DeFi history.

The value of Cream Finance’s native crypto token fell sharply following the news of the hack. CREAM dropped by 30% within minutes and as of Thursday, the token’s price had still not completely recovered.

Price Action: At press time, CREAM was trading at $109.03, down 5.37% over 24 hours. 

Photo by Moritz Erken on Unsplash.

Market News and Data brought to you by Benzinga APIs
Comments
Loading...
Posted In: CryptocurrencyNewsMarkets
Benzinga simplifies the market for smarter investing

Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.

Join Now: Free!