Exploit Forces Crema Finance to Temporarily Suspend Services, $8.7 Million Stolen

Exploit Forces Crema Finance to Temporarily Suspend Services, $8.7 Million Stolen

According to the decentralized finance (defi) protocol Crema Finance, the application was hacked on July 2, 2022. A Twitter account called “Solanafm” says the defi protocol lost around $8.7 million from the attack. Crema Finance Vulnerability Causes Defi App to Lose Millions — 6 Flashloans Executed

Another defi protocol has lost funds to a hacker as the Solana liquidity application disclosed it was attacked on Saturday, July 2, 2022.

“Attention,” Crema Finance wrote on Saturday. “Our protocol seems to have just experienced a hacking. We temporarily suspended the program and are investigating it. Updates will be shared here ASAP.”

Crema Finance is a concentrated liquidity market maker (CLMM) algorithm built on top of Solana and the Twitter account @solanafm explained the defi app suffered an exploit. “On 2nd July, a vulnerability in the ticks account caused an exploit on Crema Finance for a total amount of $8,782,446,” Solanafm tweeted.

“We worked closely with the Crema team alongside [Ottersec] to break down the movement of the stolen funds following the exploit,” Solanafm added. Ottersec is a blockchain auditing firm that has audited various blockchain smart contracts and infrastructure.

Solanafm says that the hacker siphoned the funds via “6 flash loans on” the Solend Protocol. The attacker also leveraged the Wormhole Exchange to gather the stolen funds.

“Currently, all of the stolen funds are held in the hacker’s ETH wallet and [the] initial SOL wallet,” Solanafm’s Twitter thread concluded.

Ottersec also published a thread on the Crema Finance exploit and the flash loans. “In order to utilize flashloans, the attacker had to deploy their own onchain program,” Ottersec said. “Unfortunately, this program was quickly closed after the exploit.”

“The flashloan calls three key instructions on the Crema contract: ‘DepositFixTokenType,’ ‘Claim,’ and ‘WithdrawAllTokenTypes.’ The attacker is [then] able to deposit and then withdraw the same amount of tokens, while receiving additional tokens from the claim instruction,” Ottersec added. Tags in this story $8.7 million, attacker, Crema Finance, Crypto, crypto assets, Cryptocurrency, DeFi, Defi Hack, Exploit, Ottersec, SOL, Solana, Solana (SOL), Solana liquidity protocol, Solana Network, Solanafm, Solend

What do you think about Crema Finance getting hacked for $8.7 million in crypto funds? Let us know what you think about this subject in the comments section below. Jamie Redman

Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin.com News about the disruptive protocols emerging today. Russian Media Censor Roskomnadzor Blocks Major Crypto News Website NEWS | 2 hours ago Blockfi CEO Says FTX Has an "Option to Acquire" Crypto Lender at a Price of up to $240M NEWS | 8 hours ago

Image Credits: Shutterstock, Pixabay, Wiki Commons Previous articleBlockfi CEO Says FTX Has an ‘Option to Acquire’ Crypto Lender at a Price of up to $240M Next articleJed McCaleb’s Ripple Stash Down to 81 Million — Co-Founder’s XRP Cache Likely to Dry Up This Year Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article. Read disclaimerShow comments More Popular NewsIn Case You Missed ItOman to Incorporate Real Estate Tokenization in Virtual Assets Regulatory Framework

Real estate tokenization is set to be incorporated into Oman Capital Markets Authority (OCMA)"s virtual asset regulatory framework. According to an advisor with the authority, the tokenizing of real estate will open investment opportunities for local and foreign investors. Real ... read more.Following a Brief Fee Spike, Gas Prices to Move Ethereum Drop 76% in 12 Days Australia to List Bitcoin ETF After 4 Clearinghouse Participants Commit to Meet Stringent Margin Terms Fed"s Bullard Wants to Raise Bank Rate to 3.5% by Year"s End, Hints at 75 Basis Point Rate Hike Microbt Reveals Latest Bitcoin Mining Rigs — Machines Produce up to 126 TH/s With Custom 5nm Chip Design