Ethereum ETH/USD-based DeFi protocol Cream Finance CREAM/USD was exploited for $130 million by hackers on Wednesday.
What Happened: At around 10 a.m. Wednesday, blockchain security analytics firm PeckShield Inc reported the flash loan attack on decentralized lending platform Cream Finance.
At 11:30 a.m., Cream Finance reported it was “investigating an exploit,” later confirming that an attacker had stolen a total of $130 million in crypto tokens.
“This was one of the most sophisticated and cleanly executed DeFi attacks. The summary of the attack is that the attacker borrowed $1.5b of Yearn’s yUSD vault shares against $2b worth of collateral. They then doubled the value of the shares atomically by donating yUSD to the yearn vault. This meant that their debt on Cream became $3b against a $2b collateral. They can now default and take home a sweet $1b profit. Cream only had $130m assets available for lending, so the attacker was limited to $130m profits,” summarized blockchain security researcher Mudit Gupta in a blog.
The latest exploit is the third Cream has faced this year, and the third largest hack in DeFi history.
The value of Cream Finance’s native crypto token fell sharply following the news of the hack. CREAM dropped by 30% within minutes and as of Thursday, the token’s price had still not completely recovered.
Price Action: At press time, CREAM was trading at $109.03, down 5.37% over 24 hours.
Photo by Moritz Erken on Unsplash.
© 2024 Benzinga.com. Benzinga does not provide investment advice. All rights reserved.
Trade confidently with insights and alerts from analyst ratings, free reports and breaking news that affects the stocks you care about.
