Solana chain application crema was shut down due to hacker attacks

7 month 3 Japan ,Solana Centralized liquidity on the chain DeFi application Crema Finance Due to hacker attacks, the company announced its shutdown , The official twitter of the agreement refers to the browser on the chain SolanaFM The message says , The value of crypto assets lost is 878.2 Thousands of dollars .

Today in the morning ,Crema Finance When disclosing the attacked thread, it is called , Hackers create fake price change data accounts （Tick account） Bypass contract checks , Then he used false price data and flash loans to steal huge fees in the capital pool .

Data service provider SolanaFM When disclosing the flow of stolen funds, he said , Hackers from Solana The largest lending platform in the chain Solend Launched a number of flash loans , Among the stolen funds 649.7 Million dollars has passed the cross chain bridge Wormhole Transfer to Ethereum . at present , The hacker's address is already Solana And be blacklisted on the Ethereum chain .

since this year on ,Solana Several security incidents have occurred on the chain , Including losses 3.2 $ Wormhole Security incident and stability currency agreement Cashio Due to the collapse of security vulnerabilities . There are users in Crema Finance After the security incident, it means that it is from Solana Withdraw funds from the chain .

Crema Finance Loss exceeding 870 Thousands of dollars

Crema Finance Official website display , It's built on Solana Centralized liquidity agreement on the chain , The application allows users to redeem with a low slip Solana Encrypted assets under the standard , So far, more than 13 Billion dollars of trading volume , Have more than 38000 Users .

7 month 4 Japan , according to Crema Finance Updated information on official twitter shows , The attack took place in 7 month 2 Japan , Hackers create fake price change data accounts 、 Combined with the lightning loan attack, it stole the encrypted assets stored in the application .

According to the Crema Finance Disclosure , The hacker first created a fake 「Tick account」 Account . This account is in Crema Finance Used to store price change data . After creating a fake account , Hackers initialize the capital pool Tick Address is written into the fake account , Bypassing the platform pair Tick Routine inspection of accounts ; after , The hacker deployed a contract , And use the contract from Solend Complete the lightning loan , by Crema Finance The pool of funds increases liquidity ; stay Crema Finance In the platform , The calculation of transaction costs mainly depends on Tick account Data in ,「 result , The real transaction cost data is replaced by forged data , Hackers steal by charging huge fees from the pool .」

In short, that is , Hackers use Crema Finance Of 「Tick account」 Loophole , The fund pool price of the agreement was operated in the way of flash loan , And profit from it .

Solana Browser data provider on the chain SolanaFM Tracked the flow of hackers' funds , The agency disclosed that , Hackers from Solend The platform has carried out at least 6 Pen lightning loan , Yes 74010 SOL Was found to be transferred from the original wallet to another alternative wallet , And then through Wormhole Agreement points 5 The batch was transferred to Ethereum wallet .

Crema Finance The latest information shows , Hackers have converted the stolen funds into 69422.9 SOL and 6497738 USDCet, among USDCet Through the cross chain bridge Wormhole Transfer to Ethereum , And pass Uniswap Exchange for 6064 ETH. Combined with real-time prices ,Crema Finance The value of the encrypted assets stolen this time exceeds 878 Thousands of dollars .

It is reported that ,Crema Finance The team has contacted the unknown attacker through the message on the chain , If the hacker agrees to 72 Return stolen assets within hours , The team will pay 80 Thousands of dollars . The team said , If hackers don't follow the rules , They will contact 「 Police and legal forces 」 Hunt down hackers .

at present , The hacker's address is already Solana And Ethereum chain are tracked and blacklisted . As of press time , The hacker address has not changed ,Crema Finance Nor has it resumed operations .

Solana Applications on the chain have gradually become hackers 「 Cash dispenser 」

This year, , Compete with Ethereum DeFi In the market Solana The ecosystem on the chain is frequently visited by hackers .

3 late ,Solana The agreement on the chain stabilizes the currency agreement Cashio The stable currency generated due to security vulnerabilities CASH Total collapse . In this case , Hackers exploited a vulnerability in the Protocol , So that they can cast unlimited supply without sufficient positions CASH. Because of the incident , Should have been pegged to the dollar CASH Lost value .

according to DefiLlama The data of , In this incident , Hackers from Solana The decentralized exchange on the chain consumes nearly 2800 Working capital of US $million ,DEX Sabre So it stopped CASH Liquidity pool .

Cashio Officials did not disclose the damage caused by the attack , But there are safety experts who estimate based on the data on the chain , The loss of this stable currency agreement is about 5000 Thousands of dollars .

Solana The most notorious security incident on the chain occurred this year 2 month , at that time , Connect Ethereum and Solana Cross chain bridge of chain Wormhole More than... Were lost due to hacker attacks 3.2 $billion in encrypted assets , Become so far right Solana The biggest attack of chain ecology .

at that time , Through Wormhole Loopholes in , stay Solana Cast on the chain 12 10000 pieces of encapsulated ETH, Subsequent use Wormhole take 8 Wan package ETH Replace it with legal on Ethereum blockchain ETH, At the same time, another 4 Wan package ETH To exchange for Solana Other assets in the chain .

This safety incident also made the industry begin to pay attention to the safety of cross chain bridge . Co founder of Ethereum Vitalik Buterin I was in Reddit Warning the risk of cross chain bridge , He thinks that , Hold on Ethereum ETH Our original assets , Always better than in Solana Hold on to ETH Native assets are safer .

Some analysts think ,Solana On the chain DeFi Applications are frequently attacked , It is related to some applications that are not open source , In this way, the opportunity for white hats to find loopholes for them is lost ; Besides , Some applications carelessly Copy The code of similar applications on the Ethereum chain may also lead to vulnerabilities .

about DeFi For the operation team , How to defend against hacker attacks ？

DeFi Security and analysis company HashEx The founder of Dmitry Mishunin Tips in recent articles , To build secure DeFi agreement , First of all, there should be experienced blockchain developers , They should have a professional team leader , Have the skills to build decentralized applications , meanwhile , Using a secure code base for development is also a wise move ,「 Sometimes , Compared with libraries with the latest code base , Not very up-to-date libraries may be the safest choice .」

「 Testing is all serious DeFi Another thing the project must do .」Mishunin say , He always emphasizes the importance of decentralizing the protection of private keys used to invoke the function of restricted access smart contracts ,「 It is best to decentralize the public key through multi signature , Prevent an entity from completely controlling the contract .」

（ Statement ： Please strictly abide by the local laws and regulations , This article does not represent any investment advice ）

Will you transfer funds from Solana Withdraw from the chain ？