Cream Finance, a decentralized lending protocol, has experienced a hack that may have caused a $117 million theft.
We are investigating an exploit on C.R.E.A.M. v1 on Ethereum and will share updates as soon as they are available.
— Cream Finance 🍦 (@CreamdotFinance) October 27, 2021
Blockchain security firm Peckshield reported that an exploit in the form of a “flash loan” was the source of the breach. A flash loan is an instantaneous transfer of funds where a smart contract overseas the transactions. After certain requirements are met the funds are transferred. A failure to adhere to the terms means the funds are returned. Specific details on the hack were not immediately available.
1/4 @CreamdotFinance was exploited in https://t.co/XzAvHqoINN), leading to the gain of ~$117M for the hacker.
— PeckShield Inc. (@peckshield) October 27, 2021
Cream, while acknowledging the incident, has said little since it distributed its first Tweet.
Cream has been the target of hacks in the past. Earlier this year, it was reported that Cream was the target of a $26 million theft (some reported higher amounts). The fact that Cream Finance is operating in a largely unregulated manner will certainly catch the attention of global regulators – some of which are seeking to reign in the crypto lending sector.