Solana’s liquidity protocol, Crema Finance, was abused this weekend for more than $ 8.7 million, the platform confirmed on Monday.
This hack follows Crema’s exploit, a decentralized financial platform tick account. Said With an update.
If they succeeded in creating a fake account, the attacker could “avoid” regular security checks, leading to millions of dollars withdrawals in cryptocurrencies.
6) In CLMM, the calculation of transaction fees mainly depends on the data of the tick account. As a result, the real transaction fee data was replaced with counterfeit data, and the hacker charged a huge fee from the pool to complete the theft.
CremaFinance (@Crema_Finance) July 3, 2022
The Solana-based protocol has announced a suspension of services, noting that it has begun investigating exploits with the help of industry-leading security services.
“”Hackers exchanged stolen funds for 69422.9SOL and 6,497,738 USDCet via Jupiter. USDCet was then bridged to the Ethereum network via a wormhole and then swapped to 6064ETH via Uniswap.“Crema said in a tweet.
The attack on Crema is one of several DeFi attacks in 2022 and uses the blockchain security analysis platform Chainalysis. report About 97% of first-quarter crypto attacks were related to DeFi.
Among the billions stolen so far from the protocol are significant losses, such as $ 615 million at Axie Inifinity’s Ronin Bridge. A $ 320 million robbery from a wormhole. A $ 181 million Beanstalk flash loan attack and a $ 30 million hack into optimism.
Tracking site REKT database It shows that over $ 3.6 billion has been lost to hackers and over $ 1.1 billion has been returned over the past year.