Cream Finance, a major decentralized finance (DeFi) protocol focused on lending, has suffered a severe exploit, with a hacker stealing nearly $19 million from its platform.

An unknown hacker has managed to gain $18.8 one thousand thousand in the latest flash loan exploit of the Cream Finance protocol through a reentrancy problems introduced by the Amp token, according to an investigation past blockchain security firm PeckShield.

Announcing the news Monday, Foam Finance said that the protocol has stopped the exploit by pausing supply and borrow contracts on the Amp token. "No other markets were affected," Cream Finance stated.

PeckShield specified that the hacker exploited the Amp token by reborrowing assets during its transfer before updating the kickoff to borrow in 17 divide transactions. Providing an example transaction, the security house stated, "The hacker makes a flashloan of 500 ETH and deposit the funds as collateral. And so the hacker borrows 19M $AMP and makes apply of the reentrancy problems to re-infringe 355 ETH inside $AMP token transfer. And then the hacker cocky-liquidates the borrow."

"The funds are nonetheless parked in 0xCE1F….6EDE. We are actively monitoring this address for whatever movement," PeckShield added, providing the hacker'southward address.

Amp is an Ethereum-based token that is designed to collateralize payments on the digital payments network Flexa. The Amp token contract implements ERC-77-based registry smart contract known as ERC-1820. Introduced in 2022, the ERC-1820 standard defines a universal registry smart contract where whatsoever address "tin register which interface it supports and which smart contract is responsible for its implementation."

Related: Beleaguered DeFi project xToken suffers second major exploit since May

Post-obit the assail, both the Amp token and Foam Finance's native token, Foam, saw a notable cost driblet, with Amp plummeting nearly 13% over the past 24 hours. At the fourth dimension of writing, the Amp token is trading at $0.051908, while the CREAM token is trading at $167, downward around 5% over the by 24 hours, according to data from CoinGecko.

Equally previously reported past Cointelegraph, DeFi product Alpha Homora in February suffered a $37-million hack, which exploited Cream'south Iron Bank protocol-to-protocol lending platform.

The latest flash loan exploit comes amid the increasing corporeality of hacks and exploits among both centralized and decentralized cryptocurrency platforms. On Saturday, Bilaxy crypto exchange suffered a major hot wallet hack leading to 295 ERC-20 tokens being compromised. Liquid lost nearly $100 million in a hack that took identify on Aug 19.