Cream Iron Bank $36M Flash Loan Attack: Markets Re-Enabled While Asset Borrow Is Paused – Security Bitcoin News


Cream Iron Bank $36M Flash Loan Attack: Markets Re-Enabled While Asset Borrow Is Paused

Following the Cream Iron Bank flash loan attack, preliminary findings of a probe have shown that contracts and markets still function normally. As a result, markets have now been re-enabled while the asset borrowing function has been paused. The Cream team also reveals that investigations are continuing.

The Exploit

After the exploit, the value of the Cream protocol token plummeted from just over $280 on February 12 to $186.48 24 hours later. At the time of writing, Messari data shows that the token had recovered although it has remained mostly under $230.

Cream Iron Bank $36M Flash Loan Attack: Markets Re-Enabled While Asset Borrow Is Paused

Meanwhile, in his analysis of the exploit, researcher Igor Igamberdiev reveals that the attacker(s) had “used Alpha Homora for borrowing Synthetix stablecoin from Ironbank.” He adds that “each time they (would) borrow twice as much as in the previous one.” The attacker(s), did this through two transactions and whenever they lend the funds back into Ironbank they would receive Yearn Synthetix stablecoin.

According to Igamberdiev, the attacker(s) had at some point secured a 1.8 million USDC flash loan from Aave v2. This flash loan was then swapped with Synthetix stablecoin for onward lending to Ironbank.

Millions Siphoned

Using similar tactics, the attacker(s) would take out an even bigger loan. In his Twitter thread, Igamberdiev explains:

Also, a $10 million flash loan is taken, which is also used to increase the number of Yearn Synthetix stablecoin. In the end, the number of their Yearn Synthetix stablecoin reaches an incredible amount, which allows them to borrow anything from Iron bank.

Consequently, the attackers went on to borrow stablecoins valued at $13.4 million as well as wrapped ETH valued at over $23 million.

At the time of writing, it had been revealed that the debt resulting from the attack “will not be between users and Alpha Homora.” Instead, it will be Alpha Homora and Iron Bank that will have to “find a solution that resolves the debt between the two protocols.”

Tags in this story
Aave, Alpha Homora, Defi protocol, Flash loan attack, Iron Bank, Stablecoin, USDC, WETH, Yearn

What do you think needs to be done to prevent future flash loan attacks? You can tell us what you think in the comments section below.

Terence Zimwara

Terence Zimwara is a Zimbabwe award-winning journalist, author and writer. He has written extensively about the economic troubles of some African countries as well as how digital currencies can provide Africans with an escape route.

Image Credits: Shutterstock, Pixabay, Wiki Commons,,

Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.

Read disclaimer
Show comments