CREAM Finance Addresses Recent Exploit

Share Article
In Brief
  • CREAM Finance addressed the recent exploit it experienced, providing a ‘postmortem’ in a recent blog post.

  • Earlier this week, CREAM Finance lost $25 million in ETH and AMP in a flash loan attack.

  • The lending platform is working with authorities to trace the attacker and created a plan to restore the lost funds.

  • promo

    Stake your points and qualify for the 200,000 USDT prize pool. Start staking now!

The Trust Project is an international consortium of news organizations building standards of transparency.

Decentralized finance (DeFi) lending platform CREAM Finance addressed the recent exploit it experienced, providing a ‘postmortem’ in a recent blog post.

Sponsored



Sponsored

First, CREAM assured its community and partners that it had stopped the exploit. The lending platform also added that it was working with authorities to trace the attacker and had created a plan to restore the lost funds.

AMP exploit

Earlier this week, CREAM Finance lost $25 million in a flash loan attack, the second in the past half year. Blockchain security company PeckShield Inc. first broke the news on Twitter, citing data from Etherscan, which CREAM confirmed shortly thereafter.

Sponsored



Sponsored

In its postmortem, CREAM went into further detail about what occurred. At roughly noon on August 31, attackers exploited the platform for 462,079,976 in AMP tokens and 2,804.96 ETH tokens. CREAM said it would replace the stolen ETH and AMP, so as to preclude any liquidity issues for users. It also committed to allocating 20% of all protocol fees toward repayment. 

CREAM reported that there was a main initial exploit, in addition to a smaller copycat. However, the copy-cat exploit address has withdrawal history with Binance. Accordingly, CREAM is working with the exchange to identify the perpetrator. The report added that they would forward all relevant information law enforcement authorities. It also expressed its intent to “prosecute to the fullest extent of the law.”

Additionally, CREAM added that it would provide a bounty if someone can identify or provide information leading to the arrest of the exploiter. If the exploiter is successfully arrested and prosecuted, CREAM said it would share 50% of the funds returned as a reward. 

CREAM also invited the exploiter to return the funds in return for keeping 10% as a bug bounty. With the assistance of PeckShield, CREAM determined that the root cause of the exploit was an error in the way it integrated AMP into its protocol. 

Disclaimer

All the information contained on our website is published in good faith and for general information purposes only. Any action the reader takes upon the information found on our website is strictly at their own risk.
Sponsored
Share Article

Nick is a data scientist who teaches economics and communication in Budapest, Hungary, where he received a BA in Political Science and Economics and an MSc in Business Analytics from CEU. He has been writing about cryptocurrency and blockchain technology since 2018, and is intrigued by its potential economic and political usage. He can best be described as an optimistic center-left skeptic.

Follow Author

Limited offer! Learn to mine and trade crypto today for free

Join

Earn up to $10,000 USD every week in CoinFLEX AMM+ Arena!

Earn Now

Be our Supreme Scorer and qualify for a grand prize pool of 200,000 USDT!

Join