coinspeaker.com
Hack attacks on DeFi protocols are significantly on the rise and Crema Finance might be the latest victim of their flash loan attack tactic.
It appears that decentralized finance (DeFi) platform Crema Finance has finally reached an agreement with the hacker who made away with $8.78 million worth of crypto last Saturday. According to a Thursday announcement by the platform, the attacker would take a bounty of 45,455 SOL tokens. That is worth about $1.7 million as of press time.
Crema Finance Agrees to Hacker’s Bounty Request
On July 2, a hacker had taken advantage of a vulnerability in Crema Finance protocol, making away with a total amount of $8,782,446 in six flash loans.
Soon after discovering the attack, the team backing the protocol offered the attacker a $800,000 bounty. And considering that is nearly 10% of the stolen funds, the bounty offered was probably a generous one. But the hacker had other plans.
After a series of back-and-forth negotiations, however, the attacker eventually requested a significantly higher bounty (45,455 SOL), and an agreement has now been reached.
The latest attack marks the fourth in as many such flash loan attacks that Cream Finance has been hit with since 2021. Last February, the platform lost $37 million to flash loan attacks, and another $29 million in August. By October, the DeFi platform lost yet another $130 million making it the third attack in 2021.
Flash Loan Attacks Bedeviling the DeFi Sector
One of the common tactics of DeFi attackers is the flash loan tactic. In fact, it has become so widespread in the DeFi sector that at least $2.2 billion was siphoned from DeFi protocols via it in 2021. That is according to blockchain analysis firm Chainalysis.
In April, hackers stole $11.2 million worth of Binance Coin from DeFi platform Elephant Money.
In March, Ronin Network announced that it lost over $615 million worth of cryptocurrency to a similar hack. Similarly, there was a recently reported $100 million attack on Harmony.
Interestingly, most of these attacks have been rumored to have links to the notorious cybercrime group Lazarus Group. And reports also claim that the group is strongly backed by the North Korean government.
Regardless of whoever is behind these incessant attacks, DeFi protocols must certainly take necessary precaution measures to forestall future occurrences.