Cream Finance to Return Stolen Tokens Through Protocol Fees

  • The DeFi protocol will use 20% of its fees to return the 462 million AMP and 2,800 ETH tokens, stolen in a flash loan attack on 30 August.
  • Blockchain security firm PeckShield confirmed the exploit was connected to the integration of ERC-777 AMP token contracts in the protocol.
Hands Giving & Receiving Money


Decentralized finance (DeFi) protocol Cream Finance has promised to return all the stolen funds from the Monday attack on the platform, the protocol said in a post mortem of the exploit on 1 September.

According to the announcement, Cream Finance will return all of the stolen AMP and ETH tokens to affected users, and then use 20% of all protocol fees for the repayment of the debt, which will be secured using a CREAM collateral with the Flexa team. While originally Cream Finance claimed to have lost around $19 million in tokens, but its post mortem put that figure closer to $34 million. The protocol said in the post:

“We are committed to making this right for those negatively impacted by the exploiter. We are committed to this industry and building innovative DeFi products. We appreciate the support of our partners and community and will move forward together.”

With the help of blockchain security firm PeckShield, Cream Finance confirmed that the exploit was connected to the integration of ERC-777 AMP token contracts in the protocol, and involved a flash loan attack. The team also found there was a smaller attack from a copy-cat that used an address with transaction history from Binance, which is now helping the protocol to identify the copy-cat.

Over the course of 17 transactions, the attackers were able to steal about 462 million AMP tokens, and 2,800 ETH. The protocol has now offered the exploiters a 10% bug bounty for returning the stolen funds, but is also working with authorities to track the attacker and prosecute him “to the fullest extent of the law”. Individuals who are able to provide information leading to the arrest of the attackers will also be awarded with 50% of all returned funds.

Related Coverage
Deus Finance Exploited for $13.4M in Flash Loan Attack
  • Blockchain security firm PeckShield noted the attacker used a $143 million flash loan to inflate the price of DEI, allowing him to steal $13.4 million from Deus Finance.
  • This is the second time in two months that a malicious entity had used a flash loan exploit to manipulate the price of digital assets on the DeFi platform.
April 28, 2022, 11:21 AM


Bogged Finance Suffers $3M Flash Loan Exploit
  • The project’s development team discovered and mitigated the attack within 45 seconds, but the attacker was still able drain $3 million of the $6 million of liquidity.
  • The team is currently working on a plan to mitigate the situation, which uses the same exploit as the unknown attacker.
PancakeSwap, Cream Finance Experiencing DNS Hijacks
  • Both platforms are experiencing a DNS hijack at the moment, with the malicious actor requesting users provide their seed phrases.
  • The issue is already being investigated, with both Cream Finance and PancakeSwap warning users to keep away from the websites until it is resolved.