The team behind Crema Finance, a decentralized finance protocol, stated that the hacker had returned approximately $8 million in crypto assets after some negotiations. The hacker was willing to accept a white-hat bounty of 45,455 solana, according to the team.
The defi project Crema Finance was exploited for approximately $8.7 million in cryptocurrency assets on July 2, 2022. Flash loan attacks were used to siphon digital currencies worth $8,782,446 according to Ottersec, a blockchain auditing firm.
Crema Finance temporarily suspended this program and began investigating the exploit. Crema Finance stated that they were making “significant progress” in their investigation on July 5.
“We identified a suspect identity by tracing the gas sources at the hacker’s original address. This could be related to the hacking incident. After further verification, new updates will be shared,” Crema Finance stated Tuesday. The defi team also stated that the hacker had sent an on-chain response. Crema Finance noted
We are verifying the authenticity of the document and we are beginning negotiations.
After a lengthy negotiation and a bounty of 45,455 solana (SOL), the hacker gave back two large amounts of ETH as well as SOL.
Crema Finance stated that the hacker had agreed to accept 45,455 SOL in lieu of the white-hat bounty after a lengthy negotiation. We have now confirmed receipt of 6,064 ETH + 23,967.9 in four transactions… A follow up compensation plan will be published in 48 hours.”
Numerous hacks have affected decentralized finance (defi), protocols in 2022. The first quarter saw $1.3B in crypto funds stolen from individuals, exchanges and defi protocol. 97% of $1.3 billion was derived from defi exploitations. In the second quarter, $670million was taken from defi exploits.
According to an report by Immunefi, the majority of stolen crypto from Q2 2022’s defi exploits were from four different projects. These four projects are Beanstalk (H Harmony Horizon Bridge), Mirror Protocol and Fei Protocol.
Crema Finance announced that it had submitted its updated codebase to the audit firm Slowmist just before the announcement of the hacker’s successful communications. The Crema Finance team stated that Crema’s protocol would be made available again once the audit is complete.
Sometimes, defi projects are able negotiate with attackers and receive a portion or all of the stolen funds back. Although there have been numerous attempts to reach out to hackers or offer rewards, most defi projects don’t get in touch with them and end up paying the damage.