Langsung ke konten utama

Defi Platform Cream Finance Hacked, $29 Million Lost

Cream

Cream finance, a defi borrowing and lending protocol, has been the victim of a hack that erased more than $29 million from its vaults. The attacker took advantage of a loophole in the implementation for adding the amp token to the protocol. This is the second time the platform has been involved in a hack. The first breach happened in February, when Cream lost $37.5 million.

Cream Protocol Suffers Hack

Cream protocol, a defi lending-borrowing platform present on four different chains (Ethereum, BSC, Polygon, and Fantom), suffered a hack Monday that resulted in the loss of $29 million in several cryptocurrencies. The attacker took advantage of a bug caused by the introduction of the amp token into the protocol. According to Peckshield, a blockchain security and data analytics company, the hack was perpetrated in just one transaction, taking advantage of a reentrancy bug present in the code of the amp currency.

This allowed the hacker to re-borrow assets during the transfer before updating the first borrow. The exploit was repeated 17 times and allowed the hacker to get ahold of 418,311,571 amp (worth $25.1 million) and 1,308.09 ethereum (worth $4.15 million). The platform had been audited by Trails Of Bits, a cybersecurity research and consulting firm, prior to the inclusion of the amp token.

Cream declared it stopped the exploit by pausing supply and borrow on amp. The protocol also informed users that no other markets were affected, and that it was expecting to offer a post mortem report at a later date.

Not the First Time

This is not the first time Cream has suffered a hacking incident. Less than six months ago, the platform was also affected by a hack that allowed the attacker to withdraw $37.5 million. The hack, using an unreleased version of a contract of Alpha Finance, another defi protocol, exploited a rounding miscalculation in the code and a whitelisting function. After taking control of the funds, the attacker took them to Tornado.cash, a protocol that allows private transactions in Ethereum.

Luckily, no user funds were affected during this first hack. However, it shows that the defi environment is very complex and that even a small change in protocol (like adding a currency or whitelisting another platform) can have a big impact on security in the future.

What do you think about defi-related hacks? Tell us in the comments section below.



source https://news.bitcoin.com/defi-platform-cream-finance-hacked-29-million-lost/

Label

Label:

Komentar

Posting Komentar

Postingan populer dari blog ini

Barry Silbert Resigns as Chairman of Grayscale Investments

Digital Currency Group (DCG) founder Barry Silbert has resigned from his position as the chairman of Grayscale Investments. Current DCG chief financial officer Mark Shifke succeeds Silbert and is joined by Edward McGee and Matthew Kummell as members of the new look board. Preparing for Grayscale’s Next Chapter Barry Silbert, the founder and CEO of Digital Currency Group, has resigned from his position as chairman of the digital asset management company Grayscale and will be replaced by Mark Shifke. According to the company’s filing with the Securities and Exchange Commission (SEC), starting Jan. 1, 2024, Grayscale’s board will be composed of Mark Shifke, Matthew Kummell, and Edward McGee. Current Grayscale Investments CEO Michael Sonnenshein is also a board member, while Mark Murphy, the president of Digital Currency Group (DCG), departs alongside Silbert. Commenting on the changes to the board, an unidentified Grayscale spokeswoman reportedly said: “Grayscale and our investors ...
Posting Komentar
Baca selengkapnya

Bitcoin 2024: Ten Months in Review, Key Milestones, and Expert Predictions for Year-End

As of Nov. 11, 2024, bitcoin (BTC), the undisputed crypto heavyweight, has enjoyed a phenomenal year. Over the last ten months, it has been breaking records across the board. From hashrates to daily transaction peaks, price surges, and making an impact in non-fungible tokens (NFTs) and decentralized finance (defi), BTC has been on a non-stop […] source https://news.bitcoin.com/bitcoin-2024-ten-months-in-review-key-milestones-and-expert-predictions-for-year-end/
Posting Komentar
Baca selengkapnya

Cryptoquant CEO: US Strategic Bitcoin Reserve Adoption Unlikely Amid Economic Strength

Since Donald Trump was elected the 47th President of the United States, bitcoin advocates have faced skepticism about whether his administration and the forthcoming Congress would introduce a strategic bitcoin reserve. Cryptoquant CEO: ‘Bitcoin Standard’ Needs U.S. Economic Decline to Gain Traction Ki Young Ju, CEO of Cryptoquant, took to social media to voice his […] source https://news.bitcoin.com/cryptoquant-ceo-us-strategic-bitcoin-reserve-adoption-unlikely-amid-economic-strength/
Posting Komentar
Baca selengkapnya