Sign up to save your podcasts
Or
Share Cream Finance Suffers Another Flash Loan Attack, Losing $136 Million
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Cream Finance Suffers Another Flash Loan Attack, Losing $136 Million
Cream Finance, the DeFi lending protocol, has been hit by another flash loan attack. This time, the attacker stole DeFi tokens worth nearly $136 million.
Protocol for decentralised lending Cream Finance has been the target of a significant flash loan attack. The attacker obtained a $2 billion loan from Aave and fled with over $136 million in Ethereum-based tokens.
Cream Finance Suffers Another Attack From Flash Loans
Cream Finance has been taken advantage of.
Earlier today, an attacker successfully used a flash loan to borrow 524,102.159 ETH from Aave, which is worth approximately $2 billion at today's prices. They then drained Cream Finance of several DeFi tokens, pocketing approximately $136 million at peak prices, according to Zerion. The attack cost $36,574.34 and the transaction can be viewed on Etherscan.
PeckShield, a firm that audits smart contracts, announced the attack this afternoon on Twitter, while Cream Finance stated that it was "investigating an exploit on C.R.E.A.M. v1 on Ethereum." The team added that it would provide additional updates as they become available.
According to Etherscan, the attacker transferred at least $92 million to one Ethereum wallet and $23 million to another. The funds were primarily made up of Cream LP tokens, which are earned by providing liquidity to the protocol, as well as XSUSHI, WNXM, YFI, and a variety of other ERC-20 tokens and stablecoins.
The attacker left the following message in the transaction's input data:
“Baave lucky, iron bank lucky, cream not. incest bad, don't do”
The message is almost certainly referring to Cream Finance's Iron Bank, which Alpha Finance utilises in conjunction with Cream. Following the attack, Alpha Finance issued an update confirming that Iron Bank and its Alpha Homora V2 product were "safe." Yearn Finance also issued an update, confirming that none of its products were impacted and that its team was assisting Cream with the investigation of the exploit.
Notably, the wallet containing the majority of the attacker's stolen funds received a transaction following the attack from a user with the Ethereum Name Service domain oilysirs.eth. The transaction included a warning to the attacker that they "are NGMI" and "will never be able to cash out that amount." The term "NGMI" is a well-known meme in the cryptocurrency community. It is frequently used as an insult to convey the message "Not Going to Make It."
Following the attack, Adam Cochran, a crypto investor and researcher, noted that Cream's staked Ethereum 2.0 service is custodial, implying that users may be reimbursed for the stolen Cream LP tokens.
Additionally, the attacker used the DeFi exchange aggregator ParaSwap to convert AAVE and PERP tokens to ETH and USDC. Additionally, they utilised Ren's bridge to transfer over $6 million into BTC.
The protocol's total value has decreased by 72%, while the price of Cream's native governance token, CREAM, has fallen by around 27%, trading at $114 at the time of press.
Notably, this is not the first time Cream Finance has come under fire. Only in August did the protocol lose $34 million in a similar attack, though the attacker later returned a portion of the funds.
Support us!
View all episodes
By Crypto PiratesCream Finance, the DeFi lending protocol, has been hit by another flash loan attack. This time, the attacker stole DeFi tokens worth nearly $136 million.
Protocol for decentralised lending Cream Finance has been the target of a significant flash loan attack. The attacker obtained a $2 billion loan from Aave and fled with over $136 million in Ethereum-based tokens.
Cream Finance Suffers Another Attack From Flash Loans
Cream Finance has been taken advantage of.
Earlier today, an attacker successfully used a flash loan to borrow 524,102.159 ETH from Aave, which is worth approximately $2 billion at today's prices. They then drained Cream Finance of several DeFi tokens, pocketing approximately $136 million at peak prices, according to Zerion. The attack cost $36,574.34 and the transaction can be viewed on Etherscan.
PeckShield, a firm that audits smart contracts, announced the attack this afternoon on Twitter, while Cream Finance stated that it was "investigating an exploit on C.R.E.A.M. v1 on Ethereum." The team added that it would provide additional updates as they become available.
According to Etherscan, the attacker transferred at least $92 million to one Ethereum wallet and $23 million to another. The funds were primarily made up of Cream LP tokens, which are earned by providing liquidity to the protocol, as well as XSUSHI, WNXM, YFI, and a variety of other ERC-20 tokens and stablecoins.
The attacker left the following message in the transaction's input data:
“Baave lucky, iron bank lucky, cream not. incest bad, don't do”
The message is almost certainly referring to Cream Finance's Iron Bank, which Alpha Finance utilises in conjunction with Cream. Following the attack, Alpha Finance issued an update confirming that Iron Bank and its Alpha Homora V2 product were "safe." Yearn Finance also issued an update, confirming that none of its products were impacted and that its team was assisting Cream with the investigation of the exploit.
Notably, the wallet containing the majority of the attacker's stolen funds received a transaction following the attack from a user with the Ethereum Name Service domain oilysirs.eth. The transaction included a warning to the attacker that they "are NGMI" and "will never be able to cash out that amount." The term "NGMI" is a well-known meme in the cryptocurrency community. It is frequently used as an insult to convey the message "Not Going to Make It."
Following the attack, Adam Cochran, a crypto investor and researcher, noted that Cream's staked Ethereum 2.0 service is custodial, implying that users may be reimbursed for the stolen Cream LP tokens.
Additionally, the attacker used the DeFi exchange aggregator ParaSwap to convert AAVE and PERP tokens to ETH and USDC. Additionally, they utilised Ren's bridge to transfer over $6 million into BTC.
The protocol's total value has decreased by 72%, while the price of Cream's native governance token, CREAM, has fallen by around 27%, trading at $114 at the time of press.
Notably, this is not the first time Cream Finance has come under fire. Only in August did the protocol lose $34 million in a similar attack, though the attacker later returned a portion of the funds.
Support us!