Cream Finance DeFi Platform Rooked For $29M

2021-08-31 20:33

Cream Finance is the latest decentralized finance platform for cryptocurrency trading to take a major financial hit at the hands of hackers, losing nearly $19 million in an attack this week on its "Flash loan" feature.

The attacker was able to steal nearly $29 million before being discovered, 418,311,571 in Amp Coin and 1,308.09 in Ethereum cryptocurrency, Cream Finance confirmed.

The attack on Cream Finance comes just days after Poly Networks suffered a $610 million theft, the largest DeFi breach in history, before the money was returned by the attacker in a weird twist, likely after the criminal figured out that stealing the crypto is easier than making a withdrawal.

An error in smart-contract coding is what enabled the Cream Finance reentry attack, Stewart said.

"The recent security breach of the Cream Finance platform was facilitated by the latest in a long chain of smart contract vulnerabilities introduced by human error," Stewart said.

The most recent data shows DeFi platforms were on the receiving end of 76 percent of all major hacks in 2021 and even before the Poly Networks hack, losses for 2021 had already exploded by 180 percent over last year, according to Atlas VPN. With rising risk of theft, its going to be up to the DeFi platforms themselves and larger cryptocurrency community to offer some reassurance it's safe.

News URL

https://threatpost.com/cream-finance-defi-29m/169077/