Another one?! CREAM hacked
This afternoon news broke that CREAM finance has suffered their third hack this year, following the hack in February resulting in losses of around $37m and another one in August with a loss of around $18m which the team promised to refund from fees.
This most recent hack is quoted to be the third largest this year with losses over a staggering $100m. The total value locked in the protocol is over $1.5bn, meaning that the hack is less than 10% of TVL. However, user and investor confidence will likely be shaky for some time.
Flash Loan Attack
CREAM finance is an exchange and lending platform which has existed for just over a year. This hack was a flash loan attack. A flash loan is as the name suggests — an ultra fast unsecured loan designed to allow users to capitalize fast on arbitrage opportunities. Unlike regular loans where the recipient requires credit checks to judge their trustworthiness and collateral to ensure the lender won’t be left empty handed, a flash loan by-passes these hurdles. Smart contracts are used to ensure that these loans are repaid. If the borrower doesn’t repay the capital, the transaction is reversed.
These flash loans are an innovative concept unique to the DeFi space due to their basis in smart contracts. However, they have been subject to scrutiny recently due to their apparent relative ease to exploit. CoinMarketCap states that they are the most common type of attack in DeFi. It is worth mentioning that the CREAM hack in February was also a flash loan attack.
Coverage
Fortunately both Nexus Mutual and Bridge Mutual offer coverage against hacks and smart contract failures for CREAM protocol. Users who were prudent enough to get coverage will no doubt be filing claims and submitting evidence of their losses over the next few days and weeks.
On twitter Bridge Mutual take a humorous approach in a reply to the initial tweet from CREAM shown above, with the following comment ‘for those with policies, of course’. It’s unclear whether CREAM finance sees the humour in the situation at the moment.
About Bright Union
Bright Union is the world-leading multi-chain decentralized finance cover marketplace. Our mission is to safeguard your digital assets from the dark forces in crypto (hacks, smart contract failures, and rug pulls) by empowering the crypto community to cover one another in a decentralized and permissionless manner.
Buying DeFi covers has never been this straightforward. Bright Union provides the most comprehensive range of crypto insurance on the market at competitive prices. Furthermore, Bright Union will soon release its unique suite of cutting-edge risk solutions, providing investors with outstanding investment and coverage opportunities. Be bright and take advantage of DeFi’s exponential growth.
Check out our coverage available here starting from just 2.5% per annum
For a step by step of the exploit, see the thread below
Join the Union
Receive announcements by joining the community.
🌍 Check out the website.
🤝 Discuss Bright by joining Telegram.
🗞️ Get the latest news on Twitter @BrightUnion.
📺 Watch tutorials on Youtube
📸 Follow us on Instagram
