DeFi Lender Cream Finance Suffers a $25M Flash Loan Exploit

DeFi lender Cream Finance is the latest victim of DeFi criminals as the protocol has suffered a $25 million flash loan attack involving Ethereum (ETH) and Flexa Network’s native token, AMP.

On Monday, August 30, Cream announced that its Ethereum V1 market had suffered a hack resulting in massive losses in ETH and AMP tokens. The attacker made off with more than 418,311,571 in Flexa Network’s native token, AMP, and 1,308 Ethereum. The announcement reads:

“C.R.E.A.M. v1 market on Ethereum has suffered an exploit, resulting in a loss of 418,311,571 in AMP and 1,308.09 in ETH, by way of reentrancy on the AMP token contract.

We have stopped the exploit by pausing supply and borrow on AMP. No other markets were affected.”

The total stolen amount came to around $25 million at the time of the hack. The AMP price fell sharply after the attack, bringing the value of the stolen funds down to around $19 million. The hacker’s address indicates that he currently holds $18.727 million.

According to Cream Finance, the hacker exploited a reentrancy bug in the AMP token contract in a set of 17 transactions. The AMP token contract implements ERC777-based ERC1820, which has the _callPreTransferHooks hook that allows reentrancy. Blockchain security firm PeckShield confirmed that the hack was due to a “reentrancy bug introduced by $AMP”. PeckShield explained:

“The hack is made possible due to a reentrancy bug introduced by $AMP, which is an ERC777-like token and exploited to re-borrow assets during its transfer before updating the first borrow.”

This was a flash loan exploit in which the hacker took a flash loan in ETH and used that loan to borrow AMP tokens. PeckShield described the attack as follows:

“Specifically, in the example tx, the hacker makes a flashloan of 500 ETH and deposit the funds as collateral. Then the hacker borrows 19M $AMP and makes use of the reentrancy bug to re-borrow 355 ETHs inside $AMP token transfer(). Then the hacker self-liquidates the borrow.”

The attacker repeated the above process in 17 different transactions and was able to get 5.98K ETH, worth around $19 million. The funds are now in the 0xcE1F4B4F17224ec6df16Eeb1e3e5321c54Ff6Ede address.
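The ordering flaw PeckShield describes (assets re-borrowed during the token transfer, before the first borrow is recorded) can be shown with a small model. This is an added example, not code from Cream, AMP or PeckShield: it collapses the markets into one toy ledger, and every class name, the 75% collateral factor and the amounts are constructed for illustration.

```python
# Added illustration: a toy single-ledger lending market, not Cream's or AMP's code.
# All class and function names here are hypothetical.

class HookToken:
    """Token whose transfer invokes a recipient hook, as ERC777-like tokens do."""
    def transfer(self, market, recipient, amount):
        recipient.on_transfer(market)  # external call made while the transfer is in flight

class Market:
    def __init__(self, update_before_transfer):
        self.update_before_transfer = update_before_transfer
        self.token = HookToken()
        self.collateral = {}  # account -> deposited value
        self.debt = {}        # account -> borrowed value

    def limit(self, acct):
        return self.collateral.get(acct, 0) * 75 // 100  # constructed 75% collateral factor

    def borrow(self, acct, amount):
        if self.debt.get(acct, 0) + amount > self.limit(acct):
            raise ValueError("insufficient collateral")
        if self.update_before_transfer:
            # Hardened order: record the debt, then make the external call.
            self.debt[acct] = self.debt.get(acct, 0) + amount
            self.token.transfer(self, acct, amount)
        else:
            # Flawed order: the hook runs while the ledger still shows the old debt.
            self.token.transfer(self, acct, amount)
            self.debt[acct] = self.debt.get(acct, 0) + amount

class HookedBorrower:
    """Recipient whose hook requests one more borrow during the transfer."""
    def __init__(self, amount):
        self.amount, self.entered, self.rejected = amount, False, False

    def on_transfer(self, market):
        if self.entered:
            return
        self.entered = True
        try:
            market.borrow(self, self.amount)
        except ValueError:
            self.rejected = True  # the collateral check saw the first borrow

def run(update_before_transfer):
    market, acct = Market(update_before_transfer), HookedBorrower(700)
    market.collateral[acct] = 1000  # constructed sample values
    market.borrow(acct, 700)
    return market.debt[acct], market.limit(acct), acct.rejected

if __name__ == "__main__":
    print("transfer before update:", run(False))
    print("update before transfer:", run(True))
```

With the transfer made first, the recorded debt ends above the collateral limit; with the debt recorded first, the nested borrow fails the same collateral check and the debt stays within the limit.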

Following the attack, both the AMP token and Cream Finance’s native token, CREAM, saw a notable price drop. AMP plummeted 13%, and CREAM is changing hands at $165 with an 8% drop in the last 24 hours.

As discussed earlier, Cream Finance’s V2 Iron Bank was involved in a massive $37 million Alpha Homora Flash Loan Attack. In February 2021, Alpha Homora suffered a $37-million hack, which exploited Cream’s Iron Bank protocol-to-protocol lending platform.
