DeFi security project 'Lossless' helps recover $16.7M from Cream Finance hack

Published at: Oct. 4, 2021

Lossless, a decentralized finance (DeFi) security outfit, has assisted in the recovery of 5,152.6 Ether (ETH) siphoned during the Cream Finance exploit that occurred in August.

Tweeting on Monday, Lossless identified white hat security expert Pascal Caversaccio as being pivotal to the successful recovery of the siphoned funds.

As previously reported by Cointelegraph, DeFi lending protocol, Cream Finance suffered a flash loan attack to the tune of $19 million in ETH and Amp tokens back in August. Following the exploit, Cream stated that it would repay the siphoned funds via fees collected on the protocol to compensate affected users.

Detailing the asset retrieval process, Lossless stated that it used its extensive connections within the world of hackers to enable the return of the funds taken during the flash loan attack.

Lossless also stated that the project is looking to launch a hack mitigation tool that will allow protocol developers to adopt a “hands-on” approach to preventing such malicious exploits of their platform.

Part of this mitigation will reportedly include a 24-hour freeze on suspicious transactions to allow time for robust investigations.

Dominykas A. van Otterlo, chief business development officer at Lossless, told Cointelegraph that the hack mitigation tool will leverage the project's knowledge-base acquired while manually tracking down hackers. Lossless plans to offer security support for DeFi projects across the Ethereum, Polygon, and Binance Smart Chain networks, and deployment on layer-two protocols.

Related: The perfect storm: DeFi hacks will advance the crypto sector moving forward

According to a Cream Finance statement from Oct. 1, Lossless and Caversaccio earned the 50% bug bounty from the successful fund recovery. “This is our first recovery of such scale,” Lossless tweeted in response to Cream Finance’s announcement.

DeFi platforms continue to fall victim to hackers and opportunistic profiteers who take advantage of vulnerabilities in smart contract codes to siphon funds from these projects.

Indeed, in August, Poly Network suffered a massive $610 million hack across multiple networks. The entity responsible eventually returned the stolen funds but the incident offered a pointer to the security loopholes prevalent in the DeFi space.

DeFi projects continue to offer bug bounties to white hat hackers to discover vulnerabilities that escaped the code auditing process. In September, white hat programmer Alexander Schlindwein reportedly received $1.05 million in bug bounty payments from Belt Finance.

Tags
Related Posts
DeFi hacks and exploits total $285M since 2019, Messari reports
Decentralized finan’s rising popularity since 2019 has seen the emerging market segment become a target for hackers and opportunistic profiteers. According to a report by crypto research company Messari, DeFi protocols have lost about $284.9 million to hacks and other exploit attacks since 2019. This figure is about 0.65% of the adjusted total value locked of the Ethereum-based DeFi market, according to data from DappRadar. In February Messari calculated that over $284 million in DeFi was lost to hacks since 2019 At this point in time, the decentralized insurance industry only covers a fraction of TVL in DeFi. The need …
Blockchain / April 29, 2021
DeFi attacks are on the rise — Will the industry be able to stem the tide?
The decentralized finance (DeFi) industry has lost over a billion dollars to hackers in the past couple of months, and the situation seems to be spiraling out of control. According to the latest statistics, approximately $1.6 billion in cryptocurrencies was stolen from DeFi platforms in the first quarter of 2022. Furthermore, over 90% of all pilfered crypto is from hacked DeFi protocols. These figures highlight a dire situation that is likely to persist over the long term if ignored. Why hackers prefer DeFi platforms In recent years, hackers have ramped up operations targeting DeFi systems. One primary reason as to …
Adoption / May 14, 2022
Developers need to stop crypto hackers — or face regulation in 2023
Third-party data breaches have exploded. The problem? Companies, including cryptocurrency exchanges, don’t know how to protect against them. When exchanges sign new vendors, most just innately expect that their vendors employ the same level of scrutiny as they do. Others don’t consider it at all. In today’s age, it isn’t just a good practice to test for vulnerabilities down the supply chain — it is absolutely necessary. Many exchanges are backed by international financiers and those new to financial technologies. Many are even new to technology altogether, instead backed by venture capitalists looking to get their feet wet in a …
Bitcoin Regulation / Nov. 3, 2022
BitKeep exploiter used phishing sites to lure in users: Report
The Bitkeep exploit that occurred on Dec. 26 used phishing sites to fool users into downloading fake wallets, according to a report by blockchain analytics provider OKLink. The report stated that the attacker set up several fake Bitkeep websites which contained an APK file that looked like version 7.2.9 of the Bitkeep wallet. When users “updated” their wallets by downloading the malicious file, their private keys or seed words were stolen and sent to the attacker. 【12-26 #BitKeep Hack Event Summary】 1/n According to OKLink data, the bitkeep theft involved 4 chains BSC, ETH, TRX, Polygon, OKLink included 50 hacker …
Ethereum / Dec. 26, 2022
Top 7 cybersecurity jobs in high demand
In today’s digital age, cybersecurity has become a critical aspect of almost every business. Cyber threats are increasing daily, and businesses must take proactive measures to protect their networks and data. As a result, the demand for cybersecurity professionals has skyrocketed. Little Friday humour #meme #cybersecurity @hackurityio pic.twitter.com/MArEpCh03k — Harold De Vries (@devries_harold) February 17, 2023 In this article, we will discuss the top seven cybersecurity jobs that are in high demand. Cybersecurity analyst A cybersecurity analyst is responsible for identifying and mitigating cyber threats to an organization’s network and data. They examine system logs and network traffic to find …
Technology / Feb. 26, 2023