Crema Finance DeFi firm announced losing millions to hackers

July 8, 2022
Crema Finance DeFi Cryptocurrency Hackers Cyberattack Flash Loan Stolen Funds

A popular DeFi (decentralised finance) platform, Crema Finance, had revealed suffering from a cyberattack that allowed hackers to steal over $8.8 million from them. The hackers had allegedly executed a series of flash loan attacks against the DeFi firm, which experts said to be a common tactic performed by cryptocurrency threat actors.

Crema Finance had already contacted the authorities and cybersecurity groups to aid them in the incident, hoping to retrieve the stolen funds and trace its perpetrators. The reports on the incident revealed that about $2.3 million or 69,500 SOL and $6.5 million stablecoins were robbed from the DeFi firm.

 

From a series of Twitter updates, Crema Finance has sent out an offer to the hackers of $800,000 for them to return the remainder of the stolen funds.

 

The firm added that if the hackers refused to settle the issue within 72 hours, authorities would be involved, likely leading them into an endless tracing situation.

Based on the initial analysis of the incident, the threat actors had likely uploaded a malicious on-chain campaign that allowed them to execute multiple attempts of flash loan attacks on the DeFi firm. As flash loan attacks became a widespread vector of threat groups to steal from DeFi platforms, security researchers had also identified numerous incidents against firms in the crypto sector losing a massive amount of money to hackers.

For instance, another DeFi firm, Elephant Money, had been robbed of $11.2 million last April after hackers had performed a flash loan attack on them. Meanwhile, the DeFi firm in question, Crema Finance, suffered three flash loan attacks last year that cost them over $196 million.

The largest cyberattack against the sector was reported last month, affecting the Ronin Network, which lost over $500 million of digital coins.

According to a crypto-security expert, the flash loan attack applied on Crema Finance was rather surprising and complicated, stressing the ever-changing security condition within the cryptocurrency landscape. Hence, it is becoming more important for the firms in this sector to upgrade their security to its fullest extent.

The DeFi firm posted a new update via Twitter, saying that the suspected hackers had sent them an on-chain reply. It is now investigating the message’s legitimacy before beginning negotiation.

About the author