CREAM Finance, the popular DeFi protocol, has reportedly been exploited by attackers. Currently, the potential loss according to speculations now stands around 13,000 ETH worth about $23 million at current prices.
Moreover, the exploitation has negatively impacted the price of the digital token, losing around 30% of its value minutes after the unfortunate incident was made public.
The announcement came through the official Twitter handle of CREAM Finance. According to the report, the exploitation was noticed earlier today.
CREAM Finance tweeted, “We are aware of a potential exploit and are looking into this. Thank you for your support as we investigate.”
We are aware of a potential exploit and are looking into this. Thank you for your support as we investigate.
— Cream Finance 🍦 (@CreamdotFinance) February 13, 2021
Although it has not been confirmed yet, many in the crypto community currently speculate that the attacker leveraged the opportunity to steal about 13,000 ETH, which is worth around $23 million.
A couple of hours ago, a Twitter user shared that someone is doing arbitrage on the Irob Bank contracts of CREAM Finance.
The user alarmed:
“Not really sure what is going on here, but it looks like someone is arbing the Iron Bank contracts through this contract 0x560a8e3b79d23b0a525e15c6f3486c6a293ddad2
“Address 0x905315602ed9a854e325f692ff82f58799beab57 was funded through @TornadoCash 22 hours ago, created the contract 51 minutes ago, and executed these transactions 15 minutes ago.
“Looks like a hack. Looks like they have made off with 13K ETH and they have started sending several ETH through Tornado Cash in addition to 1,000 ETH to Alpha Homora Deployer, 1,000 ETH to Cream Finance, and 100 ETH to Tornado’s grant.”
A Prime Suspect Has Been Identified
According to a recent update about the exploitation from Alpha Finance Lab, a prime suspect in relation to the hack attack has been identified:
“Dear Alpha community, we’ve been notified of an exploit on Alpha Homora V2. We’re now working with @AndreCronjeTech and @CreamdotFinance together on this. The loophole has been patched. We’re in the process of investigating the stolen fund, and have a prime suspect already.
“Users can’t borrow more funds from Alpha Homora v2 = no new leveraged positions and borrow on existing positions. V1 is safe and operational. We’re on full alert and working with @samczsun & many trusted builders to investigate the issues thoroughly. A post mortem to follow.”