Exploit: Cryptojacking (Misconfiguration)
C.R.E.A.M. Finance: Decentralized Lending Platform
Risk to Business: 1.595 = Extreme
For the third time this year, cybercriminals have hit lending platform C.R.E.A.M. Finance, stealing cryptocurrency. This time, thieves made off with $130 million worth of cryptocurrency assets. According to the experts, the attackers have likely exploited a vulnerability in the platform’s flash loan feature, then transferred the stolen funds to a wallet under their control before splitting them through other wallets. This is the third successful heist from the platform this year. Crooks jacked $29 million in August 2021 and $37 million in February 2021.
Individual Impact: No consumer PII or financial data exposure was disclosed in this incident as of press time.
Customers Impacted: Unknown
How it Could Affect Your Customers’ Business Cybercriminals are always hungry for cash and crypto is the currency that they prefer, so stealing it will continue to be a popular option.
Source: security affairs