Yesterday, August 30, 2021, hackers stole over $ 29 million worth of crypto assets from the Cream Finance DeFi platform.
The first signs of an attack were recorded by PeckShield, a blockchain security company, and soon the developers of Cream Finance themselves confirmed what was happening.
Experts write that an unknown hacker used a reentrancy attack against the flash loan function and eventually stole 418,311,571 AMP tokens from Cream Finance (at the time of the hack, about $ 25.1 million), as well as 1,308.09 ETH (approximately $ 4.15 million).
The term flash loan, in this case, refers to contracts on the Etherium blockchain that allow Cream Finance users to take quick loans from the company’s funds and then return them. Reentrancy attacks work by exploiting an error in these contracts and allow an attacker to initiate repeated withdrawals in a loop (before the original transaction is approved or rejected and the funds have to be returned).
Edition of The Record says that the creator of the application kriptovalyutnogo ZenGo and PeckShield specialists have confirmed that in case of burglary Cream Finance used an error in the interface contract token ERC777, which applies Cream Finance to communicate with the base blokcheynom Etherium.
Catch up on more stories here
Follow us on Facebook here