Crypto Hackers Steal Over $130M from Cream Finance DeFi Platform

Cream Finance decentralized lending platform has been hacked, with attackers stealing more than $130 million worth of funds through a large flash loan attack.

PeckShield blockchain data analytic firm first identified the large flash loan transaction that the hackers used to exploit the Cream Finance platform.

The affected funds were mostly Cream liquidity provider tokens (Cream LP tokens) as well as other Ethereum-based tokens (ERC-20 tokens).

According to blockchain records, the hackers moved $92 million worth of funds into one address while $23 million into another address and also transferred other funds into other addresses. It now appears that the attackers have moved the funds to different wallets.

Following the incident, the price of Cream token plunged, from $152 to $111 in minutes, a 27% drop, according to CoinGecko.

According to the exploit transaction, the attacker left some strange message. They wrote, “gÃTµ Baave lucky, iron bank lucky, cream not. ydev : incest bad, don’t do.” This appears to refer to DeFi lending platforms Aave, Iron Bank, and Cream Finance.

This is the third time Cream Finance has faced a severe hack. In February, Cream Finance lost $37.5 million after hackers took advantage of a vulnerability in instant or flash credits technology.

In August, the primary decentralized finance protocol also lost $18.8 million after unknown hackers drained funds through flash loans exploits by introducing a reentrancy bug to the Amp token. After Cream Finance identified the incident during that time, it stated that the protocol stopped the exploit by pausing supply and borrowing contracts on the Amp token.

During that incident, PeckShield stated that the hacker exploited the Amp token by reborrowing assets during its transfer before updating the first to borrow in 17 separate transactions.

Calls for More Investor Protections

Flash loans allow users to borrow funds without collateral because the lender expects the money to be returned within one transaction block, immediately. However, hackers have used this loophole in DeFi to steal millions of dollars.

As reported by Blockchain.News in August, Poly Network DeFi protocol was attacked and hackers stole $600 million worth of funds from the protocol. This is considered the largest hack in DeFi and cryptocurrency history.

Decentralized Finance (DeFi), which is one of the use cases of blockchain technology, has been on the cusp of major growth. Regulators are aware of this growth and, of late, have been moving to act accordingly.

Frequent hacks like the abovementioned incidents have prompted regulators to call for better consumer protection in the DeFi sector.

In August, US SEC chairman Gary Gensler made it clear that regulation of DeFi platforms and stablecoins is on the SEC’s agenda. During that time, Gensler compared the use of DeFi to the Wild West, emphasizing it needs better investor protection.

Image source: Shutterstock


Tagged : / / /

What Is Apeswap.Finance? Complete Guide to New Decentralized Exchange

Apeswap.Finance protocol is a decentralised exchange built on Binance Smart Chain, which provides users with access to all sorts of financial markets from payments, lending, derivatives, staking, tokenised assets to alternative savings and many more.

The DeFi protocol has grown in popularity with the masses because of the enormous opportunities to benefit from what was not possible before.

DeFi is currently the hottest trend within the crypto sector. Apeswap platform thrives on decentralising every aspect of the traditional financial industry, making services like insurance, credit, and others available to all. Such services have not been easily accessible to all society members, particularly those at the lower end and in less developed countries.

With more than 1.7 billion adults unbanked worldwide, access to essential financial services that can empower them has not been possible. That is where Apeswap is thriving to decentralise all financial services using blockchain protocols and crypto tokens.

Apeswap is working on solving problems of their centralised counterparts, including the risk of hacking mismanagement and arbitrary fees and replacing centralised intermediaries in financial applications like derivatives, insurance, and loans.

DeFi Lending and Borrowing

Apeswap provides users with various ways to make profits, investments and engage in multiple activities on the DeFi platform. The majority of such activities rely on the native BANANA cryptocurrency, which serves as the utility token across Apeswap and most of such activities focus on rewarding users in BANANA.

Any investor can buy BANANA native token through the Apeswap platform and lend and borrow other cryptocurrencies, including DAI, ETH, USDC, ZRX, USDT, WBTC, BAT, REP, SAI, and others.

Since DeFi lending is one area that has gained users’ attention, Apeswap has come up with products that give loans to any interested individuals or businesses without intermediaries.

The protocol enables every involved person to earn interest for committing cryptocurrency and allows them to lend and borrow crypto assets.

Such services have become highly important as investors don’t have to spend time, effort and incur costs associated with dealing with traditional financial industry intermediaries.

DeFi Rewards and Earning

Providing potential rewards is one of the areas that has significantly improved the livelihoods of many investors. This continues attracting people to the DeFi sector and boosting the adoption of DeFi protocols.

 Apeswap protocol offers various ways for investors to earn and get rewarded within the platform, including staking and locking tokens in its liquidity pool. Yield farming is a lucrative activity where investors commit cryptocurrency to the Apeswap liquidity pool for a given period of time to earn rewards.

The desire to simplify such earning processes for all has led to the birth of Apeswap. The platform offers various DeFi products and makes it easy for users to be rewarded using different assets on different protocols like reputable liquidity pools, staking, and airdrops.

By accessing Apeswap’s native token (BANANA), investors can stake any asset they hold to any desired liquidity pool for rewards.

In the past, investors had to take several steps to achieve such a goal, but with Apeswap, now that is a simple activity. All one needs to do is to convert their cryptocurrency to the BANANA token and then proceed to stake wherever they wish, or they can buy BANANA on the project’s official website and continue from there.

The Apeswap platform also does recommend the best investment options available for users, like where to stake for the best returns. Such recommendations are data-driven through the use of sophisticated algorithms, making them quite accurate.

DeFi Insurance

DeFi is a relatively new market, which is yet to mature. People are still trying to figure out different things there.

For now, the ecosystem provides great rewards. For instance, interests earned from staking and yield farming beat anything offered by institutions like banks by miles.

But with great rewards, there is a significant risk. That is why the Apeswap platform helps users hedge against risks that could exist within smart contracts. Apeswap protects investors’ assets from losing value when farming or staking, besides protection against bug exploits and hacks.

Initial Ape Offerings

Lastly, Initial Ape Offerings allows users to ape into new and upcoming projects. Typically, an Initial Ape Offerings (IAO) is a fundraising activity that Apeswap users could engage in launching new tokens and to bring liquidity to such tokens.

To participate in an IAO is quite simple. All that a user needs to do is to go to Apeswap.Finance/IAP and take a look at different IAOs out there.

Final Thought

DeFi has been a blessing to the blockchain industry and the world at large. While Apeswap serves as a decentralised store of value, it offers decentralised financial instruments that ensure easy transactions and maximise investors’ returns.

Apeswap is easy to use and understand, unlike other platforms. The platform makes swapping and staking even more accessible and better with low swapping fees since it runs on Binance Smart Chain (BSC).

In short, Apeswap is pushing boundaries to create new and exciting ways to engage users. The platform is quickly becoming the best place for investors who are looking to optimise their investments.

Image source: Apeswap.Finance


Tagged : / / /

PAID Network DeFi Platform Attacked as Hacker Gains $3 Million Of ETH After Minting $166 Million Of Tokens

Someone has exploited PAID Network, a decentralized finance DeFi app, via a vulnerability that allowed him to mint about $100 million worth of Paid tokens and sold most of them.

The unknown person exploited the hack through the contract’s token minting feature and created over 59.4 million PAID tokens worth $166 million at the time of the attack. The attacker then moved on to selling the fraudulently created tokens on Uniswap and successfully sold around 2.5 million PAID tokens for about 2000 ETH worth $3 million.

PAID Network is DeFi cryptocurrency project that uses an Ethereum-based token. Network data indicates that more than 2000 ETH was obtained by the hacker after some of the 59.4 million minted PAID tokens were traded on Uniswap decentralized exchange service.

Etherscan data shows that about 2.5 million PAID tokens were sold over the course of 13 transactions.

The culprit dumped the tokens in the Uniswap market, thus causing the price of PAID tokens to drop by 75% instantly. The flood of the tokens into the market instantly crashed the price of the PAID tokens from $2.80 to 0.40. The hacker’s wallet address still contains more than 56 million PAID tokens worth about $24 million.

It is not clear if it was a hacker or a team responsible for the incident. Paid Network has had many successful audits, but it is strange to see a mint hack on the protocol. The attacker could have potentially accessed the private keys of the company’s team.

PAID Network has said that it is pulling liquidity from the vulnerable contract so that to prevent any further damage. The team also plans to create a new contract to restore token balances. Based on its tweet, PAID Network has promised to publish a comprehensive report regarding the hacking incident soon.

DeFi Hacks Raise Eyebrows

DeFi has become of the fastest growing trends in the cryptocurrency industry. Funds locked in decentralized finance have exponentially grown, but companies offering such services have often become the victims of hacks. The boom of the DeFi market has been leveraged by criminal hackers and money launderers. DeFi protocols are permissionless by design, and this means that they often lack clear regulatory compliance and anyone in any nation is able to access them with little or no KYC information collected.

Consumers are advised to keep vigilant to vulnerabilities, fraud, hacks, attacks, and manipulation risks being witnessed in DeFi projects. DEXes have no way of freezing funds like centralized exchanges. This power lies in the individuals DeFi projects themselves. But if companies don’t take proper steps to ensure the security of smart contracts on which their DeFi projects rely, then DeFi would continue to suffer from consequences resulting from inadequate security and AML.

Image source: Shutterstock


Tagged : / / / /
Bitcoin (BTC) $ 37,757.12 0.80%
Ethereum (ETH) $ 2,033.12 0.93%
Litecoin (LTC) $ 69.62 0.23%
Bitcoin Cash (BCH) $ 222.57 0.76%