Sonne Finance, a lending protocol, was compelled to halt its operations after falling victim to a hack that resulted in the loss of $20 million worth of cryptocurrencies from the market.
On May 14, at approximately 10:30 pm UTC, cybersecurity firm Cyvers detected an ongoing attack on Sonne Finance’s contracts for USD Coin (USDC) and Wrapped Ether (WETH).
However, by the time Sonne Finance became aware of the situation 25 minutes later, the hacker had already stolen $20 million in WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e).
On May 15 at 12:11 am UTC, Sonne Finance announced on X that “All markets on Optimism have been paused.” Shortly after, the protocol joined forces with Cyvers to conduct a thorough investigation into the matter.
Sonne Finance is currently exploring various options to recover the stolen funds, including considering a bug bounty for the hacker. In such cases, hackers typically return most of the stolen funds and retain around 10% as a reward for discovering a security flaw.
However, it appears that the hacker is not interested in negotiations. According to blockchain investigator PeckShield, the exploiter has already transferred a significant portion of the stolen funds ($7.8 million) to a new wallet address.
Subsequently, the exploiter exchanged 59 WBTC for approximately 1,185 Ether (ETH) and 183,000 Dai (DAI). This suggests an intention to funnel the stolen funds through a privacy protocol like Tornado Cash in order to evade detection.
Sonne Finance’s post-mortem analysis revealed that a donation attack was carried out on Sonne’s Compound v2 forks, which had a known bug, according to a member of the X community named PoorBabyCorn.
They accused Sonne Finance of utilizing Compound v2 despite being aware of the risks and questioned, “If this wasn’t a premeditated backdoor, then what was it?”
In parallel, it has been reported that the primary hedge fund of crypto institutional investment firm BlockTower Capital has also been exploited and partially drained. The funds have yet to be recovered, and BlockTower has enlisted the help of blockchain forensic analysts to trace the funds and determine the method of breach. As of May 15, the exploiter has not been apprehended, as reported by Bloomberg, citing individuals familiar with the situation.
BlockTower has informed its partners about the incident. It reportedly manages $1.7 billion in assets.
BlockTower did not respond immediately to Cointelegraph’s request for comment.
In February 2023, BlockTower seemingly suffered a loss of around $1.5 million in the $2 million exploit of the multichain exchange aggregator Dexible. Dexible stated that approximately 85% of the stolen funds belonged to “a few big whales.” Arkham Intelligence, an on-chain intelligence platform, identified a wallet drained of $1.5 million as belonging to BlockTower.