Yup! Another Day, Another Hack!
Crema Finance, a concentrated liquidity protocol over the Solana blockchain, announced the temporary suspension of its services owing to a successful exploit that has drained a substantial but undisclosed amount of funds. Soon after realizing the hack on its protocol, Crema Finance suspended the liquidity services to refrain the hacker from draining out its liquidity reserves — which include the funds of the service provider and investors.
[Sarkar, A. Crema Finance shuts liquidity protocol on Solana amid hack investigation. (Accessed July 3, 2022)].
"Several hours later, Crema tweeted that it was working with OtterSec, a blockchain audits firm, and other experienced organizations on the investigation. In the same thread, OtterSec said that Crema 'was recently hacked for over $6M. Unlike previous attacks, this hacker used Solend flashloans to drain the pool' [Millard, M. Crema Finance suspends liquidity protocol on Solana amid probe of hack . (Accessed July 3, 2022)]. These tweets appear on Twitter as follows:
and
Not waiting for Crema Finance, its crypto community led by @HarveyMackinto2 took it upon themselves to look into this situation. "Based on a personal investigation, crypto community member @HarveyMackinto2 allegedly spotted the hacker’s wallet address. The address in question holds 69,422.89 Solana (SOL) tokens — roughly over $2.3 million, procured through a series of transactions over several hours" [Sarkar, supra].
However, some members of the cryptocurrency industry believe the hacker stole 90% of the total liquidity from some of Crema Finance’s pools. Co-founder of Crema Finance Henry Du acknowledged that all protocol functions have been put on indefinite hold and urged investors to check back for an update for further details.
[CoinCu News. Crema Finance Suspends Its Liquidity Procedure For Solana Amid A Hacking Probe. (Accessed July 3, 2022)].
An important note: "Crema Finance is not related to Cream Finance, a decentralized finance DeFi lending protocol, that also lost $19 million in a flash loan hack last year" [Sarkar, supra].
AND - in related news concerning the Harmony Horizon Bridge hack [see, e.g. Nagoda, K. BREAKING NEWS: Harmony Blockchain's 'Horizon Bridge' Hacked for $100 Million. (Accessed July 3, 2022):
"The Lazarus Group, a North Korean hacker group, is now the main suspect in a recent attack that stole $100 million from the Harmony protocol. According to Elliptic’s blockchain analysis, North Korea was involved based on the ways the stolen money was laundered: 'There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds" [CoinCu News, supra].
Posted Using LeoFinance Beta
