Cream Finance Suffers Third Hack, Loses Over $130 Million

Cream Finance has been hacked, losing over $130 million. This marks the third time the DeFi protocol has been hacked. Cream Finance is a lending and borrowing protocol that runs on the Ethereum network. 

The attack—a flash loan identified by PeckShield Inc.—resulted in mostly Cream tokens, CREAM, being stolen. 

This is far from the first time the DeFi protocol has suffered a major attack. 

In February, hackers made off with $37.5 million in a flash loan attack, tanking the price of CREAM by 30% in just one hour. 

In August, Cream was hacked all over again, with the protocol being involved in a multi-million dollar exploit that resulted in an attacker making off with more than 418 million in AMP—the Flexa Network’s native token—and approximately 1,300 Ethereum. 

At press time, CREAM has again plummeted 28% following today’s attack. The token is trading at $113.63, according to CoinGecko.

While Cream Finance has been hit repeatedly, it is far from the only DeFi platform to suffer a similar fate. 

In August, the interoperability protocol Poly Network fell to an attack that saw the thief make off with $600 million in stolen funds. This is the largest hack in DeFi—and crypto—history. 

Frequent hacks such as these have prompted onlookers to call for greater consumer protection in the DeFi industry, including chair of the Securities and Exchange Commission, Gary Gensler. 

Speaking at the Yahoo Finance All Markets Summit earlier this week, Gensler said that the decentralized finance space will not end well unless robust consumer protections were brought in. 

“There’s a lot of lending going on. There’s a lot of trading going on. And without protections, I fear that it’s going to end poorly,” he said. 

Previously, Gensler has also described the term DeFi as a “misnomer,” and suggested that many tokens in the DeFi space could be unregistered securities.