{"id":63832,"date":"2022-07-03T09:44:37","date_gmt":"2022-07-03T06:44:37","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=63832"},"modified":"2025-09-06T11:07:24","modified_gmt":"2025-09-06T08:07:24","slug":"crema-finance-on-solana-halts-operations-after-hacker-attack","status":"publish","type":"post","link":"https:\/\/u1f987.com\/en\/crema-finance-on-solana-halts-operations-after-hacker-attack\/","title":{"rendered":"Crema Finance on Solana halts operations after hacker attack"},"content":{"rendered":"<p>The Crema Finance decentralised liquidity protocol (Solana ecosystem) has halted its app following a hacking incident.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">\ud83d\udea8\ud83d\udea8Attention! Our protocol seems to have just experienced a hacking. We temporarily suspended the program and are investigating it. Updates will be shared here ASAP.<\/p>\n<p>\u2014 CremaFinance (@Crema_Finance) <a href=\\\"https:\/\/twitter.com\/Crema_Finance\/status\/1543416225622941696?ref_src=twsrc%5Etfw\\\">July 3, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>According to OtterSec analysts, the attackers stole digital assets from the project\u2019s liquidity pools totaling about $6 million. The attack was carried out using <a href=\"https:\/\/u1f987.com\/en\/news\/what-are-flash-loans\">flash loans<\/a> on the Solend lending platform.<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\"><a href=\\\"https:\/\/twitter.com\/Crema_Finance?ref_src=twsrc%5Etfw\\\">@Crema_Finance<\/a> was recently hacked for over $6M. Unlike previous attacks, this hacker used Solend flashloans to drain the pool. We\u2019re working closely with the Crema team to help resolve this issue.<\/p>\n<p>In the meantime, we\u2019ll be sharing what we know about the exploit \ud83e\uddf5 <a href=\\\"https:\/\/t.co\/5NjovZtAEb\\\">pic.twitter.com\/5NjovZtAEb<\/a><\/p>\n<p>\u2014 OtterSec (@osec_io) <a href=\\\"https:\/\/twitter.com\/osec_io\/status\/1543469811287465984?ref_src=twsrc%5Etfw\\\">July 3, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>Experts noted that unknown actors discovered a vulnerability that allows deposits to be made into the protocol and withdraw a corresponding amount of assets while receiving additional tokens via the <a href=\\\"https:\/\/medium.com\/@asmiller1989\/solana-transactions-in-depth-1f7f7fe06ac2\\\">\u0438\u043d\u0441\u0442\u0440\u0443\u043a\u0446\u0438\u044e<\/a> Claim. In order to execute the attack, the hackers deployed a proprietary smart contract on the Solana network that interacted with Crema Finance.<\/p>\n<p>As of writing, at the suspected address <a href=\\\"https:\/\/explorer.solana.com\/address\/Esmx2QjmDZMjJ15yBJ2nhqisjEt7Gqro4jSkofdoVsvY\\\">\u0430\u0434\u0440\u0435\u0441\u0435<\/a> the attacker holds 69 422 SOL (~$2.28 million).<\/p>\n<blockquote class=\\\"twitter-tweet\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">Thanks \ud83d\ude4f <a href=\\\"https:\/\/t.co\/QbeCfSAkt7\\\">https:\/\/t.co\/QbeCfSAkt7<\/a><\/p>\n<p>\u2014 Henry | Crema Finance (@HenryCanFly) <a href=\\\"https:\/\/twitter.com\/HenryCanFly\/status\/1543480731698995200?ref_src=twsrc%5Etfw\\\">July 3, 2022<\/a><\/p><\/blockquote>\n<p> <script async=\\\"\\\" src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>The Crema Finance team is investigating the incident. The developers pledged to disclose details of the attack and the extent of losses later.<\/p>\n<p>Earlier, on June 24, a hacker <a href=\"https:\/\/u1f987.com\/en\/news\/hacker-steals-about-100-million-in-harmonys-horizon-cross-chain-bridge-attack\">stole about $100 million<\/a> in an attack on Harmony\u2019s Horizon cross-chain bridge.<\/p>\n<p>Follow ForkLog\u2019s bitcoin news on our <a href=\\\"\/\/telegram.me\/forklog\\\" target=\\\"\u201c_blank\u201d\\\" rel=\\\"\u201cnofollow\u201d noopener\\\">Telegram<\/a> \u2014 cryptocurrency news, prices and analysis.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The Crema Finance decentralised liquidity protocol (Solana ecosystem) halted its app following a hacking incident.<\/p>\n","protected":false},"author":1,"featured_media":63833,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1159],"class_list":["post-63832","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-solana-sol"],"aioseo_notices":[],"amp_enabled":true,"views":"19","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/63832","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/comments?post=63832"}],"version-history":[{"count":1,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/63832\/revisions"}],"predecessor-version":[{"id":63834,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/posts\/63832\/revisions\/63834"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media\/63833"}],"wp:attachment":[{"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/media?parent=63832"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/categories?post=63832"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/u1f987.com\/en\/wp-json\/wp\/v2\/tags?post=63832"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}