Nearly $9 million stolen from DeFi platform Crema Finance
Decentralized finance platform Crema Finance announced that it was hacked on Saturday and had about $8.8 million stolen during the attack.
The company said it is now working with law enforcement and blockchain security companies to trace the stolen funds. In total, the hackers stole 69,500 SOL, worth about $2.3 million, and stablecoins worth about $6.5 million.
It sent a message to the hackers, offering them $800,000 in exchange for the return of the stolen funds.
“Your addresses on both Solana and Ethereum have been blacklisted and all eyes are on you right now. You have 72h from now to consider becoming a white hat and keeping $800k as the bounty,” the company said in a note to the hacker.
“And transfer remaining funds back to our contract-update-authority address. Otherwise the police and legal force will officially get involved and there will be endless tracing waiting for you.”
Several blockchain security companies showed that the hacker conducted the exploit by uploading a malicious on-chain program which could then be used to deploy multiple flash loan attacks.
In a flash loan attack, a hacker uses a fast, uncollateralized loan to target vulnerabilities in a project’s design.
Flash loan attacks have become one of the most popular ways hackers target DeFi platforms. In April, hackers stole $11.2 million worth of Binance Coin from DeFi platform Elephant Money.
Blockchain analysis firm Chainalysis said at least $2.2 billion was stolen from DeFi protocols in 2021. Last month, the Ronin Network announced that hackers stole more than $500 million worth of cryptocurrency, making it one of the largest attacks ever.
Ronghui Gu, co-founder of crypto security firm CertiK, told The Record that the flash loan attack used by the hacker in this incident was specific and surprising in many ways.
“This kind of complicated exploit highlights the constantly shifting frontier of crypto security,” Gu said.
“This is a reminder that hackers are always finding new ways to use old tricks, and for web3 to become a truly secure ecosystem, it requires both the web3 security industry and projects themselves to get better at anticipating, not just responding to, attacks.”