Looted Funds from Cream Finance Now on Move

On Sep 12, 2022 at 11:22 am UTC by · 3 mins read

The weakness in security infrastructures from Cream Finance and other recently hacked DeFi protocols has continued to dampen the sentiments surrounding the sector.

The hacker(s) that exploited Cream Finance in one of the historic flash loans attacks in one of the Decentralized Finance (DeFi) ecosystems to date is notably moving the funds to launder. Blockchain data analytics and security firm, PeckShield discovered the movement as shared in a Twitter post today.

According to PeckShield, the Flashloan Exploiter has swapped approximately 1,000 ETH worth about $1.75 million for 80 renBTC. PeckShield was silent about the exchanges or platforms used for the swap, and it seems the identity of the attacker still remains largely unknown.

It has been a very tumultuous year for Cream Finance as the protocol has experienced about three hacks in the past 12 months. The latest hack involved a $130 million exploit as reported by Coinspeaker back in October.

“Our Ethereum C.R.E.A.M. v1 lending markets were exploited and liquidity was removed on October 27, 1354 UTC. The attacker removed a total of ~$130m USD worth of tokens from these markets,” Cream Finance said in a statement at the time, “With the help of friends from @iearnfinance and others in the community, we were able to identify the vulnerabilities and patch them. In the meantime, we’ve paused our v1 lending markets on Ethereum and we’re in the process of putting together a post-mortem review. We apologize to our users and community for this unfortunate incident and thank you for your support.”

Vulnerability of Cream Finance

While not the only DeFi protocol that has been hacked in recent times, the unique vulnerability of Cream Finance is beginning to unnerve a lot of industry stakeholders. In reality, the design model of the platform’s flash loan attack makes it more susceptible to attacks, but many believe the team is not competent enough to wade off these consistent attacks.

Following the PeckShield update of the fund transfer from the latest hack, a Twitter user @Pierre_crypt0 posted a question saying;

“How many times cream can be exploited until we admit people working on the project are imcompetent\at least shouldn’t be working on financial products?”

The weakness in security infrastructures from Cream Finance and other recently hacked DeFi protocols has continued to dampen the sentiments surrounding the sector. While these vulnerabilities take different formats, the comparison of DeFi or crypto-related innovations to those from the traditional financial sector has remained flawed.

While critics are not disputing the ingenious innovation that accompanies the DeFi and the emerging Web3.0 ecosystem, more creative security infrastructure is advocated in a bid to protect consumers and the broader crypto industry.

Share:

Related Articles

Crypto Losses Soar to $3.01 Billion in 2024, Up 15% from Previous Year

By January 9th, 2025

The data shared by PeckShield shows that hackers were behind the majority of the losses that the crypto industry saw in 2024.

Crypto Industry Loses $120M to Hackers in September with BingX Taking Hardest Hit

By October 1st, 2024

In a month of relentless cyber attacks, the crypto industry saw over $120M disappear in hacks, with BingX losing $44M in a single breach.

Munchables NFT Hacker Returns All Funds without Taking Any Ransom

By March 27th, 2024

In collaboration with blockchain investigators including PeckShield and ZachXBT, Munchables initiated efforts to trace the movement of the stolen funds. They have asked victims to follow only the official channels for the refund advise.

Exit mobile version