Crema Finance, a concentrated liquidity protocol over the Solana blockchain, announced the temporary suspension of its services owing to a successful exploit that has drained a substantial but undisclosed amount of funds.
Soon after realizing the hack on its protocol, Crema Finance suspended the liquidity services to refrain the hacker from draining out its liquidity reserves — which include the funds of the service provider and investors.
Attention! Our protocol seems to have just experienced a hacking. We temporarily suspended the program and are investigating it. Updates will be shared here ASAP.
— CremaFinance (@Crema_Finance) July 3, 2022
Speaking to Cointelegraph about the matter, Henry Du, the co-founder of Crema Finance, confirmed the commencement of the investigation. He stated:
“We are working with some security companies and got support from Solana, Solscan and Etherscan etc. We will continue to post any update via official Twitter account.”
While the company has yet to provide an update based on an investigation that was ongoing at the time of writing, the Crypto Twitter community took it to themselves to track down the hacker’s wallet and gain a better understanding of the situation.
Based on a personal investigation, crypto community member @HarveyMackinto2 allegedly spotted the hacker’s wallet address. The address in question holds 69,422.89 Solana (SOL) tokens — roughly over $2.3 million — procured through a series of transactions over several hours.
Other members of the crypto community, however, suspect the hacker made away with 90% of the total liquidity from some of Crema Finance’s pools. Du, too, confirmed that all the functions of the protocol have been suspended indefinitely and asked investors to stay tuned for further information in the form of an update.
Readers must note that Crema Finance is not related to Cream Finance, a decentralized finance DeFi lending protocol, that also lost $19 million in a flash loan hack last year.
North Korean hacking syndicate — the Lazarus Group — has become the primary suspect of a recent attack that made away $100 million from the Harmony protocol.
Investigations from blockchain analysis firm Elliptic claimed the involvement of North Korea based on the laundering methods of the stolen funds:
“There are strong indications that North Korea’s Lazarus Group may be responsible for this theft, based on the nature of the hack and the subsequent laundering of the stolen funds.”