Zephyrnet Logo

Attack on CREAM Sees $37.5 Million Stolen

Date:

Decentralized finance has come a long way over the last year, with new and innovative features constantly evolving and adapting to new projects and contracts. However exploits still occur, as was seen on Feb. 13.

Popular DeFi project CREAM saw a massive $37.5 million flash loan exploit take place on Saturday. While the story is still developing, the team announced the attack. They stated that they are working on a post mortem through relevant parties. 

It appears the exploit took place using Alpha Homora through the borrowing of sUSD from IronBank.

While just how the exploiter managed to continuously lend double the amount of funds, it appears that 13,200 WETH, 3.6 million USDC, 5.6 million USDT, and 4.2 million DAI have been taken by the perpetrator. 

Research analyst at The Block Igor Igamberdiev detailed on Twitter the process and how it unfolded: 

It is believed that Alpha Labs has patched the issue. And while the funds were exploited through Alpha Hamora, an Ethereum protocol for leveraging your position in yield farming pools, the funds were borrowed by the exploiter. 

Alpha Labs has since stated that they are working with YFI founder Andre Cronje and CREAM Finance to investigate the stolen funds. They say that a prime suspect has already been identified. 

CREAM Dumps on Attack

Following the exploit on Alpha Hamora, CREAM saw a 40% decline in price. It fell from $285 to $173. 

CREAM Price dropped 40% following the exploit. Source: Tradingview

As one of the deployers, the price suffered a dramatic drop before seeing some recovery. CREAM has announced that everything is functioning as normal. The team re-started markets, and a post mortem will follow.

Sign of the Times

This hack comes as the number of attacks rises with the bitcoin bull cycle. On Jan. 26, a hacker exploited a system vulnerability on SushiSwap using the Badger DAO token DIGG. The hacker made off with 81 ETH, worth approximately $103,842 at the time. 

Following a hack late in December 2020, Livecoin closed its doors permanently on Jan. 19. While the SushiSwap and Cream attacks seem to be simple exploits, the Livecoin case is different. The event looks to some to be an exit scam run by some of its principals. Technically, the event is interesting because the price of bitcoin on Livecoin reached $222,000 before the exchange shut down. Ethereum reached $6500 as well.

On Dec. 28, a white-hat hacker stole $3 million from Cover Protocol, only to return it a few hours later. In this case, the hacker used an infinite minting bug to create excess COVER tokens. 

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.

Share Article

Ryan is a Fintech specialist with a passion for cryptocurrencies and blockchain adoption. He discovered Bitcoin in 2016 when investing in a Ponzi scheme, and it was the best decision he ever made.

Follow Author

Source: https://beincrypto.com/attack-on-cream-sees-37-5-million-stolen/

spot_img

Latest Intelligence

spot_img