Cream Finance exploiter moves funds from 2021 hack again

January 30, 2023 at 12:26 pm

News

Cream Finance exploiter moves funds from 2021 hack again

According to blockchain security tracker CertiK, Cream Finance’s attacker has transferred the crypto assets they stole back in 2021 to another wallet address. The transaction took place at 12:22 AM UTC today.

Cream Finance’s stolen funds on the move

Earlier today, CertiK alerts shared a tweet showing the latest transaction involving funds stolen from Cream Finance in October 2021. Due to blockchain technology’s transparency, the blockchain security firm can keep tabs on the movement of the funds obtained from the exploit.

https://twitter.com/CertiKAlert/status/1619922977730224136?t=ISIW1h-5oNEc4JdM0Fvotg&s=19

According to Etherscan, the hacker used the wallet address 0x70747df6ac244979a2ae9ca1e1a82899d02bbea4 to transfer the funds to address 0x4648451b5f87ff8f0f7d622bd40574bb97e25980. Etherscan flags the address as Cream Finance’s attacker’s wallet. The transaction unveiled that they moved 365.69 ethereum (above $600K).

Cream Finance exploiter moves funds from 2021 hack again - 1 — Cream Finance exploits funds transfer. Source: Etherscan.io

In 2021, the DeFi protocol suffered about three network breaches, with the last one seeing them lose about $130 million at the time of the hack. As reported by PeckShield, the hacker used a loophole in the platform’s loaning system, a process described as flash loaning, to make away with the protocol’s tokens on the Ethereum chain. Blockchain security analytics firm Slowmist broke down the stolen assets via a Twitter thread. Some of the tokens stolen included ETH, BUSD, AAVE, WBTC, and FTX.

BREAKING: Ethereum DeFi protocol @CreamdotFinance hacked for more than $130 million. According to SlowMist AML statistics, the hacker has profited a total of 2760.22 ETH and 60 tokens including HBTC, USDT, BUSD, etc. SlowMist will continue to monitor the transfer of stolen funds. pic.twitter.com/eLPMz3YEII
— SlowMist (@SlowMist_Team) October 27, 2021

Earlier that year, Cream Finance had already lost about $66M to hacks after cyber attackers breached the protocol in February and August.

The fright of DeFi

Even though the funds are being tracked, and the exploiter’s address has been identified, hope for the funds’ recovery is getting dimmer. However, Cream Finance had some funds stolen in the August 2021 hack recovered after DeFi security firm Lossless aided them in getting 5,152.6 back. Nonetheless, funds from the October hack have yet to be recovered.

DeFi protocols account for over 70% of virtual currency-related cyberattacks. Chinese firm LianAn technology published a report showing the numbers crunched from DeFi exploits in 2022 hit $3.64B, almost 50% more than the total seen from 2021.

Cream Finance exploiter moves funds from 2021 hack again - 2 — Losses made by DeFi protocols quarterly in 2022. Source: LianAn Technology

DeFi protocols need to find a solution to network breaches soon, as the total value locked on protocols is also dropping. As of December 2022, the TVL on DeFi networks had fallen by more than 80% from the end of 2021’s values.