‘Crema Finance’ Hacker Returns Funds, Receives $1.7 Million in SOL as Bounty

‘Crema Finance’ Hacker Returns Funds, Receives $1.7 Million in SOL as Bounty

Solana-based liquidity protocol Crema Finance claims it has recovered most of the roughly US$9 million worth of assets stolen by a hacker on July 3:

👉After a long negotiation, the hacker agreed to take 45455 SOL as the white hat bounty. Now we have confirmed the receipt of 6064 ETH + 23967.9 SOL in four transactions indicated below. A follow-up compensation plan will be released in 48h.

— CremaFinance (@Crema_Finance) July 6, 2022

Crema Finance negotiated an agreement with the hacker, whose identity remains unknown, which allowed the hacker to keep a portion of the stolen assets as a bug bounty in exchange for returning the remaining assets.

No Criminal Charges Likely

The hack on Crema Finance resulted in the theft of 69,422.9 SOL and 6,497,738 USDC – a combined total value of just over US$8.78 million.

Following what Crema Finance described as a “long negotiation”, the hacker agreed to return most funds but retained 45,455 SOL, currently valued at approximately US$1.7 million. The hacker was also referred to as “white-hat” and “ethical” in tweets by Crema Finance, suggesting the DeFi platform won’t be pursuing criminal charges.

Following the hack, the total value locked on Crema Finance fell dramatically, dropping as low as US$3 million on July 4, having sat at over US$12 million on the Saturday prior to the hack.

Crema Finance shared the transaction details proving the hacker had indeed returned 6,064 ETH and 23,967 SOL to its accounts:

— CremaFinance (@Crema_Finance) July 6, 2022

Smart Contract Suspended Pending Audit

Since the hack, Crema Finance’s smart contract has been suspended while its new smart contract code is being audited by blockchain security firm SlowMist. Crema Finance says the protocol will go live again once that audit is complete and its security can be assured:

We just submitted our new code base to one of the leading auditors @SlowMist_Team for a new round of smart contract audit. Crema’s protocol will go live again after the new audit is completed. 💪

— CremaFinance (@Crema_Finance) July 6, 2022

It’s becoming increasingly common for hackers in the crypto space to agree to return most of the stolen assets in return for a bounty. In June, a high-profile case saw the the Ethereum rollup-solution Optimism hacked to the tune of US$17 million, with the hacker agreeing to return US$15 million worth of the stolen assets in return for a US$2 million bug bounty.

The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.

Read More

Write a comment

Your email address will not be published. All fields are required