Tags in this story
$ 8.7 million, attacker, Crema Finance, Crypto, crypto assets, Cryptocurrency, DeFi, Defi Hack, Exploit, Ottersec, SOL, Solana, Solana (SOL), Solana liquidity protocol, Solana Network, Solanafm, Solend
Exploitation forces Crema Finance to temporarily suspend services, stolen $ 8.7 million – Bitcoin News
According to the decentralized financial protocol (defi) Crema Finance, the application was hacked on July 2, 2022. A Twitter account called “Solanafm” says that the defi protocol lost around $ 8.7 million from the attack.
Crema Finance vulnerability causes the Defi app to lose millions – 6 flash loans executed
Another defi protocol has lost money to a hacker when the Solana liquidity application revealed that it was attacked on Saturday, July 2, 2022.
“Attention,” Crema Finance wrote on Saturday. “Our protocol appears to have experienced a hack. We have temporarily suspended the program and are investigating it. Updates will be shared here ASAP.”
Crema Finance is a concentrated liquidity market maker (CLMM) algorithm built on top of Solana and the Twitter account @solanafm explained that the defi app was subjected to an exploitation. “On July 2, a tick account vulnerability caused an exploitation of Crema Finance for a total amount of $ 8,782,446,” Solanafm twitret.
“We worked closely with the Crema team next door [Ottersec] to break down the movement of the stolen funds after the exploitation, »added Solanafm. Ottersec is a blockchain auditing firm that has revised various blockchain smart contracts and infrastructure.
Solanafm says that the hacker obtained the funds via “6 flash loans on”. Solend protocol. The attacker also used the Wormhole Exchange to collect the stolen funds.
“At the moment, all the stolen funds are kept in the hacker’s ETH wallet and [the] first SOL wallet “, concluded Solanafm’s Twitter thread.
Ottersec too published a thread on the Crema Finance utilization and the flash loans. “To use flash loans, the attacker had to deploy his own onchain program,” Ottersec said. “Unfortunately, this program was quickly shut down after exploitation.”
“The Flash loan calls for three key instructions on the Crema contract: ‘DepositFixTokenType’, ‘Claim’ and ‘WithdrawAllTokenTypes.’ The attacker is [then] able to insert and then withdraw the same amount of tokens, while receiving additional tokens from the requirements instruction, “Ottersec added.
What do you think about Crema Finance being hacked for $ 8.7 million in crypto funds? Tell us what you think about this topic in the comments section below.
Photo credit: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or recommendation of products, services or companies. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the Company nor the author is liable, directly or indirectly, for any damage or loss caused or alleged to have been caused by or in connection with the use of or reliance on the content, goods or services mentioned in this article.
