Cream Finance
A cross-chain lending protocol drained of about $130M on October 27, 2021 via a flash-loan price-oracle manipulation of a Yearn yUSD vault — the largest of three exploits Cream suffered in 2021.
Also known as: Cream Finance, C.R.E.A.M. Finance, CREAM
Summary
Cream Finance was a decentralized cross-chain lending protocol. On October 27, 2021, an attacker used flash loans (borrowing hundreds of millions in DAI and ETH) to manipulate the price oracle for a Yearn yUSD vault that Cream used to value collateral, then borrowed against the inflated collateral to drain about $130 million from Cream's Ethereum v1 markets. [1][2]
Context
It was the largest of three flash-loan exploits Cream suffered in 2021 (after ~$37.5M in February and ~$18.8M in August). Yearn recovered about $9.42 million that the attacker had "donated" to the vault during the attack and returned it to Cream's multisig. [1][2]
Bracketed numbers refer to the numbered sources listed below.
Linked scams & cases
Sources (2)
See also
- Loci (LOCIcoin)TokensA 2017–2018 ICO for 'LOCIcoin' tied to the InnVenn IP-search platform. The SEC charged Loci and CEO John Wise with fraud for raising $7.6M on false claims about revenue, headcount, and user base; Wise also misused investor funds. Settled with a $7.6M penalty and an officer/director bar.
- Blockchain Terminal (BCT)TokensA 2017–2018 ICO (BCT tokens, ~$30M) for a 'Blockchain Terminal' — a Bloomberg-style crypto trading terminal. The SEC and DOJ said convicted ex-hedge-funder Boaz Manor secretly ran it under a fake identity ('Shaun MacDonald'), using associate Edith Pardo as a front, and lied about the product's adoption.
- Crowd Machine (CMCT)Tokens
This page was last updated on Jun 8, 2026. View revision history.