Solana-Powered Crema Finance Loses Almost USD 9M in Flash Loan Attack

Author

Ruholamin Haqshanas

Author

Ruholamin Haqshanas

About Author

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Author Profile

Share

Copied

Last updated:

October 23, 2023 08:55 EDT

Why Trust Cryptonews

Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews

Crema Finance, a concentrated liquidity protocol built on the Solana (SOL) blockchain, has lost over USD 8.7m worth of crypto assets in a flash loan attack that drained its liquidity reserves.

The protocol’s official Twitter account confirmed the hack on Sunday and announced the temporary suspension of the service as they started an investigation.

“Our protocol seems to have just experienced a hacking,” Crema Finance’s Twitter account said. “We temporarily suspended the program and are investigating it. Updates will be shared here ASAP.”

In an update, the team explained that the hacker started by creating a fake tick account, which is a dedicated account that stores price tick data in a concentrated liquidity market maker (CLMM). Subsequently, they were able to sidestep the routine “check” process by “writing the initialized tick address of the pool into the fake account.” 

The hacker then deployed a contract that allowed them to lend a flash loan from borrowing and lending service Solend and add liquidity on Crema to open positions.

“In CLMM, the calculation of transaction fees mainly relies on the data in tick account. As a result, the authentic transaction fee data was replaced by the faked data so the hacker completed the stealing by claiming a huge fee amount out from the pool,” Crema Finance said.

According to an investigation by Solana explorer SolanaFM, Crema Finance was exploited to the tune of USD 8.78m, which included various amounts of USDT, USDH Hubble Stablecoin, as well as crypto synths. 

1b/: Solend Flash Loans

10,500 $mSOL (Solend Main Pool Vault): https://t.co/5jFZcqcv94

57,000 $stSOL (Solend Main Pool Vault): https://t.co/8UjlmR0PWE

840,000 $PAI (Solend Stable Pool Vault): https://t.co/7QORKPLCLm pic.twitter.com/eyo2u42naM

— SolanaFM (@solanafm) July 3, 2022

Meanwhile, the project shared the addresses linked to the hacker, claiming that they would be tracking the movement of stolen funds.

“More and more relevant organizations are providing valuable clues for us. Also, we’re still open to a communication with the hacker before the time window is closed,” the project said.

____

Learn more: 
– ONE Keeps Trending Lower while Harmony Offers Hacker USD 1M in Bounty for Return of Funds
– XCarnival Hacker Accepts ETH 1,500 Bounty and Returns Remaining ETH 1,467

– Axie Infinity’s Ronin Bridge to Re-Open After Hack, Locked Funds to Be Returned
– Osmosis DEX Hacked for USD 5M, Team Denies Liquidity Pools Being ‘Completely Drained’

– The Blame Game Begins as Bored Apes Co-Founder Criticized for Blaming Discord Following Another NFT Exploit
– Hacker Used ‘Social Media Data Leak’ to Steal USD 660K in Crypto from 90 Victims – Police