Key Takeaways:
- Solana-based liquidity protocol, Crema lose $6 million on a recent attack.ย
- The hacker has already liquidated 90% of its reserves.ย
On July 3, Crema Finance, the first concentrated liquidity protocol took to Twitter to announce that its protocol has experienced a hack. The team a
said that they were suspending the program and starting to investigate the matter.
The hack happened four hours before the team noticed and the Solana concentrated protocol lost $6 million. A blockchain auditing firm, OtterSEC investigated and confirmed that the hacker used Solend flash loans to drain the protocol. According to the reports, the attacker initially deployed their on-chain program to use the flash loans. The OtterSEC team said that this hack was one of its kind.
Soon after the hack, the hacker closed the onchain program (Bpf-Upgradeable-Loader) that they had to deploy to initiate the hack. The process was executed on Block #139985842. Following this, the hacker used three flash loans to call three instructions namely DepositFixTokenType, Claim, and WithdrawAllTokenTypes on the Crema contract. They used this to deposit and withdraw the exact amount along with additional tokens.
After the hack, Henry du, the cofounder of Crema Finance, said, “We are working with some security companies and got support from Solana, Solscan, and Etherscan, etc. We will continue to post any update via official Twitter account.”
As the identity of the hacker remains unknown, the Crema team has left a message for the hacker to be considered a white hat. They have given the hacker a deadline of 72 hours to return the funds keeping $800k as the bounty. Both the Ethereum and Solana address of the attacker has already been blacklisted by the team.
The services on the protocol are on a halt, probably as an attempt to prevent the hacker from liquidating its reserves. However, members of the community say that the hacker has already liquidated 90% of it on some Crema Finance pools.