BREAKING: Cream Finance appears to have suffered major loss in flash loan hack

Decentralized lending platform Cream Finance appears to have suffered a severe exploit on Wednesday, with an attacker stealing over $100 million worth of funds through a large flash loan attack. 

Blockchain data analytics company PeckShield first identified the flash loan on Wednesday. The compromised funds were mainly Cream LP tokens, as well as other Ethereum-based tokens.

#FlashLoanAlert https://t.co/XzAvHqoINN

— PeckShield Inc. (@peckshield) October 27, 2021

During a flash loan attack, an attacker exploits vulnerable smart contracts in order to create their own arbitrage opportunity. Typically, this is done by modifying the relative value of a trading pair by flooding the contract using their loaned tokens.

Cream Finance has been routinely targeted by attackers, as evidenced by the $19 million flash loan hack of the protocol in August. As Cointelegraph reported at the time, the attack was facilitated by a reentrancy bug introduced by the Amp token.

This story is still in development.

Report: Blockchain-related hacks have declined in 2020   Nov. 2, 2020
US authorities go after 280 crypto accounts allegedly tied to North Korea   Aug. 27, 2020
Expert Warns: Don’t Trust Ransomware Groups Amid Pandemic   April 16, 2020
Coin Bureau Youtube channel hacked despite 2FA protection   Jan. 24, 2022
BNB Chain confirms BSC halt due to 'potential exploit'   Oct. 6, 2022