Suche
Mein Konto
Solana-based liquidity protocol CremaFinance hacked for $8.7 million
Hackers raided CremaFinance's liquidity pools over the weekend, forcing the protocol to pull the plug. The incident is the latest in a series of exploits that have plagued the troubled decentralized finance sector this year. Solana-based liquidity protocol CremaFinance is the latest DeFi (decentralized finance) platform to fall victim to hackers. First alerted, CremaFinance told users on Saturday that it was temporarily suspending the service and investigating the exploit, which was believed to involve more than $6.4 million in digital assets at the time. This number was later increased to over 8.7 million...
Solana-based liquidity protocol CremaFinance hacked for $8.7 million
- Hacker überfielen am Wochenende die Liquiditätspools von CremaFinance und zwangen das Protokoll, den Stecker zu ziehen
- Der Vorfall ist der jüngste in einer Reihe von Exploits, die den angeschlagenen dezentralen Finanzsektor in diesem Jahr geplagt haben
Solana-based liquidity protocol CremaFinance is the latest DeFi (decentralized finance) platform to fall victim to hackers.
First brought to attention CremaFinance told users on Saturday that it was temporarily suspending the service and investigating the exploit, which was believed to involve more than $6.4 million in digital assets at the time.
That figure was later revised to over $8.7 million, Solana blockchain explorer SolanaFM said in a tweet. The hacker exploited a vulnerability in the protocol's Tick account, CremaFinance said.
A tick is a dedicated account that stores price tick data from a centralized liquidity market maker (CLMM). In DeFi, CLMMs typically charge transaction fees based on data in the tick account.
In the case of CremaFinance, the authentic transaction fee data was replaced with the hacker's fake data. This allowed the attacker to demand a “huge amount of fees” from CremaFinance’s liquidity pool, resulting in epic losses.
The hacker deployed a malicious contract and used it to activate six flash loans from Solana lending platform Solend to add liquidity to Crema and open their positions, CremaFinance said.
Millions of dollars in various cryptocurrencies, including Tether and Lido Staked Solana, were stolen. Stolen funds are held in the hacker's Ethereum and Solana wallets, which have since been flagged by SolanaFM. CremaFinance has yet to confirm exactly how much crypto remains in its pools.
The Company announced It had raised $5.4 million in a private fundraising round just two weeks ago. CremaFinance is not to be confused with DeFi’s Cream Finance, which has suffered several “flash loan exploits” over the last year, including a $130 million hack in October.
But the incident is the latest in a series of DeFi exploits that have plagued the sector this year. Last month, a hacker stole 20 million governance tokens from Ethereum scaling solution Optimism, worth around $30 million at the time, that were intended for a loan from major market maker Wintermute.
In the same month, smart contracts platform Elrond Network was a witness 4 million dollars branched off its decentralized exchange.
Still, these pale in comparison to the $320 million hack of digital asset bridge Wormhole in February and the $625 million attack on Axie Infinite's Ronin bridge in April - the two largest DeFi thefts to date.
. .
The post Solana-Based Liquidity Protocol CremaFinance Hacked for $8.7M is not financial advice.