Solana protocol CremaFinance hacked for $8.7 million

CremaFinance, a liquidity protocol on Solana, was exploited for over $8.7 million this weekend, the platform confirmed on Monday.

The hack follows an exploit in the decentralized finance platform’s tick account, Crema said in an update.

Once they managed to create the fake account, the attacker was able to “circumvent” a routine security check, leading to the withdrawal of millions of dollars in crypto.

6) In CLMM, the calculation of transaction fees mainly relies on the data in tick account. As a result, the authentic transaction fee data was replaced by the faked data so the hacker completed the stealing by claiming a huge fee amount out from the pool.

— CremaFinance (@Crema_Finance) July 3, 2022

The Solana-based protocol announced a temporary pause to its service, noting it had initiated an investigation into the exploit with the help of industry’s leading security services.

“The hacker swapped the stolen fund into 69422.9SOL and 6,497,738 USDCet via Jupiter. The USDCet was then bridged to the Ethereum network via Wormhole and swapped to 6064ETH via Uniswap after that,” Crema said in a tweet.

The attack on Crema is one among several DeFi attacks in 2022, with blockchain security analytics platform Chainalysis reporting that about 97% of crypto attacks within Q1 were connected to DeFi.

Among the billions stolen year-to-date from protocols are high profile losses like the $615 million on Axie Inifinity’s Ronin bridge; the $320 million heist from Wormhole; the $181 million Beanstalk flash loan attack and the $30 million hack on Optimism.

Tracking site REKT Database shows over $3.6 billion has been lost to hackers over the past year, with just over $1.1 billion returned.