Crema Finance has confirmed that the application was compromised on July 2, 2022. A Twitter account called “Solanafm” says the defi protocol lost around $8.7 million from the attack.
Crema Finance Vulnerability Causes Defi App to Lose Millions — 6 Flashloans Executed
Hackers have stolen funds from another protocol for defi, as Solana’s liquidity application revealed that it was attacked on July 2, 2022.
“Attention,” Crema Finance wroteOn Saturday. “Our protocol seems to have just experienced a hacking. The program has been temporarily suspended and we are currently investigating. Updates will be shared here ASAP.”
Crema Finance, a concentrated liquidity maker (CLMM), algorithm built on Solana or the Twitter account is Crema Finance. @solanafmDefi was among the victims of an exploit. “On 2nd July, a vulnerability in the ticks account caused an exploit on Crema Finance for a total amount of $8,782,446,” Solanafm tweeted.
“We worked closely with the Crema team alongside [Ottersec] to break down the movement of the stolen funds following the exploit,” Solanafm added. Ottersec is an auditing company that specializes in blockchain technology. auditedMany blockchain infrastructure and smart contracts.
Solanafm says that the hacker siphoned the funds via “6 flash loans on” the Solend Protocol. To steal the funds, the attacker used the Wormhole Exchange.
“Currently, all of the stolen funds are held in the hacker’s ETH wallet and [the] initial SOL wallet,” Solanafm’s Twitter thread concluded.
Ottersec published a threadThe flash loans and Crema Finance exploit. “In order to utilize flashloans, the attacker had to deploy their own onchain program,” Ottersec said. “Unfortunately, this program was quickly closed after the exploit.”
“The flashloan calls three key instructions on the Crema contract: ‘DepositFixTokenType,’ ‘Claim,’ and ‘WithdrawAllTokenTypes.’ The attacker is [then] able to deposit and then withdraw the same amount of tokens, while receiving additional tokens from the claim instruction,” Ottersec added.
Are you alarmed at the hacking of Crema Finance for $8.7million in crypto funds Comment below and let us know how you feel about the subject.
Images CreditsShutterstock. Pixabay. Wiki Commons
DisclaimerThis article serves informational purposes. It does not constitute an offer, solicitation, or recommendation of selling or buying products or services. Bitcoin.com is not a provider of investment, tax, legal or accounting advice. This article does not contain any information, products, or advice that can be used to cause or alleged result in any kind of damage.