BSV
$68.08
Vol 219.67m
-2.58%
BTC
$98418
Vol 124637.96m
3.65%
BCH
$488.89
Vol 2307.66m
9.15%
LTC
$90.1
Vol 1455.02m
6.33%
DOGE
$0.38
Vol 9573.5m
0.07%
Getting your Trinity Audio player ready...

Ethereum-based liquidity pools on C.R.E.A.M Finance were drained by an attacker which resulted in  $115 million leaving the platform; this makes the C.R.E.A.M Finance exploit the third-largest DeFi attack in DeFi history according to the Rekt leaderboard, which tracks and ranks the total value lost in various DeFi hacks.

According to the DeFi data aggregator DeFi Lama, there was roughly $1.06 billion locked in C.R.E.A.M Finance’s ETH-based liquidity pools before the time of the attack. But now, when you check the ‘markets page’ on the C.R.E.A.M Finance website, you will find that most of its ethereum-based pools have zero liquidity. After the hacker drained the liquidity pools, they sent $92 million to one address and $23 million to a second address.

The attacker, who remains unknown, was able to drain the liquidity pools by way of a flash loan attack. A flash loan attack is when an attacker takes out a loan from one DeFi platform or service provider and uses the borrowed money to interact with smart contracts in a way that manipulates prices of DeFi tokens in their favor so that they can subsequently drain a projects liquidity pool at prices favorable to them.

The C.R.E.A.M Finance exploit was complex and required the attacker to transfer 68 different tokens to their own wallet from many unique locations. The attack was so large, that it costs the attacker 9.16 Ether in transaction fees – roughly $36,700 as of press time – to execute the attack on-chain.

As of press time, the hacker is trying to launder the money by sending it to services and platforms that obfuscate transaction history by mixing user transactions together before redistributing the jumbled funds.

Two exploits in two months

This isn’t the first time that C.R.E.A.M finance has been exploited, in August, C.R.E.A.M finance was exploited for $18.8 million by way of a flash loan attack.

Flash loans continue to be a popular method to exploit DeFi platforms and contracts. It is difficult for platforms to protect against these types of attacks because exploits don’t require attackers to breach the system they are attacking. Instead, they require the attacker to have advanced knowledge of the system in a way that lets them know how their actions on one end of the platform or an external platform, affect other areas of the platform they are exploiting.

This latest C.R.E.A.M Finance exploit is a developing story, and the C.R.E.A.M Finance team says they will be sharing updates as soon as they are available.

Follow CoinGeek’s Crypto Crime Cartel series, which delves into the stream of groups—a from BitMEX to BinanceBitcoin.comBlockstreamShapeShiftCoinbaseRipple and
Ethereum—who have co-opted the digital asset revolution and turned the industry into a minefield for naïve (and even experienced) players in the market.

Recommended for you

Sch. Post test

Lorem ipsum odor amet, consectetuer adipiscing elit. Elit torquent maximus natoque viverra cursus maximus felis. Auctor commodo aliquet himenaeos fermentum

November 7, 2024
Post with chaching

Lorem ipsum odor amet, consectetuer adipiscing elit. Accumsan mi at at semper libero pretium justo. Dictum parturient conubia turpis interdum

November 4, 2024
Advertisement