The decentralized finance protocol "Cream Finance" suffered another attack this year, resulting in the theft of at least $130 million, which could be the largest theft in this sector. The Block Crypto was the first to report on the attack on the Ethereum-based lending protocol, citing a tweet from PeckShield Inc., which highlighted the fast loan transaction through which the theft was executed. The thriving decentralized finance landscape has attracted billions of dollars from investor funds, but it has consistently been a target for hackers, many of whom have used fast loans—a type of uncollateralized lending—as a way to exploit poorly secured protocols.
"Cream" has faced similar attacks, including the theft of approximately $38 million in February and around $19 million in August, according to The Block. At the same time, a hacker stole $600 million in cryptocurrencies from the "PolyNetwork" protocol in August, considered the largest attack ever in decentralized finance.
Stephanie Kolet, CEO and co-founder of FRNT Financial Inc., a capital markets platform focused on cryptocurrencies, stated, "Unfortunately, this highlights one of three major risks in the current decentralized finance space... The first is that cryptocurrencies representing entirely new projects are trading at huge and undoubtedly inflated valuations; the second is that the vast majority of platforms are less than a year old, meaning the technology has not been tested; and the third is that the U.S. Securities and Exchange Commission, led by Gensler, has made it clear that these protocols will be treated like centralized finance such as 'BlockFi' and 'Celsius,' which face regulatory challenges in many U.S. states."
Cream's shares fell by 26% on Wednesday, reaching their lowest level since late May, according to CoinMarketCap data. "Cream Finance" tweeted that it is currently investigating the attack and will share updates as they become available, but representatives did not immediately respond to requests for comment.