Cream Finance decentralized lending platform appears to have been heavily exploited on Wednesday, with attackers stealing over $ 100 million in funds through a massive instant loan attack.

Blockchain data analytics firm PeckShield first identified the quick loan on Wednesday. The compromised funds were mainly cream tokens from liquidity providers as well as other Ethereum-based tokens.

#FlashLoanAlert https://t.co/XzAvHqoINN

– PeckShield Inc. (@peckshield) October 27, 2021

In a flash loan attack, an attacker uses vulnerable smart contracts to create his own arbitrage opportunity. Usually this is done by changing the relative value of a trading pair by flooding the contract with their loan tokens.

Cream Finance is often the target of attackers, as evidenced by the Protocol’s $ 19 million quick loan hack in August, securing digital payments on Flexa.

The Cream Finance forum appears to have been withdrawn after the attack, despite the minutes notification his Twitter followers that the quick loan is being investigated. The Twitter feed is full of angry responses about Cream’s poor performance in protecting users’ funds.

We are investigating a CREAM v1 mining on Ethereum and will release updates as soon as they are available.

– Cream Finance (@CreamdotFinance) October 27, 2021

Related: Hackers exploit MFA vulnerability to steal 6,000 Coinbase customers – report

While DeFi has been lauded for revolutionizing traditional finance and promoting financial inclusion, the industry’s record on consumer protection has been poor. According to CryptoSec, a comprehensive list of DeFi attacks revealed 63 exploits as of September 16 with a total loss of $ 1.2 billion. Cream Finance’s latest mining is going to be one of the largest.