Hacker Crema Finance returns $7.6 million

Hacker Crema Finance returns $7.6 million

After the negotiated settlement, hacker Crema Finance returned the stolen $7.6 million. Accordingly, hackers are allowed to keep 45,455 SOL as a bonus.

On July 4, Crema Finance – a centralized liquidity protocol on the Solana blockchain was exploited for a flash loan. Accordingly, the amount of damage was nearly 70,000 SOL and more than 6.4 million USDC stablecoin, equivalent to 9 million USD at the time of the hack.
Confirming with the media, Henry Du – co-founder of Crema Finance has confirmed the incident has begun to be investigated.
“We are working with a number of security companies and have support from Solana, Solscan and Etherscan, etc. We will continue to post updates on the hack through the official Twitter account.”
According to an update from Crema Finance, after the negotiation, the hacker returned the stolen money. On July 7, Crema Finance confirmed on Twitter that the hacker returned 6,064 ETH ($7 million) and 23,967 SOL ($870,000) to Crema wallets on Solana and Ethereum in four transactions.
Hacker Crema Finance returns $7.6 million
According to the negotiated agreement, the hacker is allowed to keep 45,455 SOL ($1.65 million) as a bounty reward. The team has “labeled” the culprit as a white hat hacker. This means that Crema Finance will not take any legal action against the attacker.
Hacker Crema Finance returns $7.6 million
“After a long negotiation, the hacker agreed to take 45,455 SOL as a bonus. We have now received the hacker refund, including 6,064 ETH and 23,967 SOL.”
After the hack, Crema Finance contacted to negotiate with the hacker by sending an on-chain message offering the bounty. A day later, the hacker responded to the message and agreed to refund the amount.
When the hack happened, the crypto community on Twitter took it upon themselves to track down the attacker’s wallet and gain a better understanding of the situation.
Based on a personal investigation, a personal Twitter account named Harvey Mackintosh claimed to have discovered the attacker’s wallet address. The address in question contains 69,422 SOL, or more than 2.3 million USD. This SOL was purchased through a series of transactions over the course of several hours.
About how the hacker attacked, a personal Twitter account called xNFT Pierre Arowana had some sharing about this incident.
Accordingly, the hacker is said to have used the flash loan tool on Solend to borrow an amount of money and deposit it into the pool. After that, the hacker took advantage of the deposit, claim and withdrawal orders to withdraw money.
The key to this is that the hacker can freely request a claim fee from the pool. Because usually, only those who provide liquidity can claim. And the claim fee will be divided according to the liquidity supply ratio.

Leave a Reply

Your email address will not be published.