THE SOLANA BLOCKCHAIN-BASED CREMA FINANCES LOST OVER $8.7 MILLION IN A FLASH LOAN ATTACK!
Crema Finance, a Solana blockchain-based concentrated liquidity protocol, has lost over USD 8.7 million in crypto due to a flash loan attack, which drained its liquidity reserves.
The protocol’s official Twitter account confirmed the hack on Sunday. It announced a temporary suspension of the service while an investigation was conducted.
“Our protocol seems to have just experienced a hacking,” Crema Finance’s Twitter account said. “We temporarily suspended the program and are investigating it. Updates will be shared here ASAP.”
According to an update, the hacker began by creating a fake tick account, a dedicated account used to hold price tick data in a concentrated liquidity market maker (CLMM). They avoided the standard “check” procedure by “putting the pool’s initialized tick address into the bogus account.”
The hacker then used a contract to lend a flash loan from the borrowing and lending provider Solend to add liquidity to open bets on Crema.
Crema Finance was exploited to the tune of USD 8.78m, according to an investigation by Solana explorer SolanaFM, which included various amounts of USDT, USDH Hubble Stablecoin, and crypto synths.
Meanwhile, the project released the addresses associated with the hacker, claiming to be tracking the movement of stolen funds.
“More and more relevant organizations are providing valuable clues for us. Also, we’re still open to communication with the hacker before the time window is closed,” the project said.