Crema Finance, a concentrated liquidity protocol on the Solana blockchain, announced the temporary suspension of its services due to a successful exploit that drained a significant but undisclosed amount of funds.
Shortly after realizing the hack on its log, Crema Finance stopped providing liquidity services to prevent the hacker from depleting its liquidity reserves – which include the service provider’s and investors’ funds.
Attention! Our log seems to have just been hacked. We have temporarily suspended the program and are investigating it. Updates will be shared here as soon as possible.
— CremaFinance (@Crema_Finance) July 3, 2022
Speaking to Cointelegraph about the matter, Henry Du, the co-founder of Crema Finance, confirmed the start of the investigation. He explained:
“We work with some security companies and have received support from Solana, Solscan and Etherscan etc. We will continue to post all updates via the official Twitter account.”
While the company is yet to provide an update based on an investigation ongoing at the time of writing, the Crypto Twitter community has set out to track down the hacker’s wallet and gain a better understanding of the situation.
Based on personal investigation, crypto community member @HarveyMackinto2 allegedly discovered the hacker’s wallet address. The address in question contains 69,422.89 Solana (SOL) tokens – roughly over $2.3 million – raised through a series of transactions over several hours.
However, other members of the crypto community suspect that the hacker stole 90% of all liquidity from some Crema Finance pools. You too, Approved that all features of the protocol have been suspended indefinitely and asked investors to stay tuned for more information in the form of an update.
Readers need to note that Crema Finance is not related to Cream Finance, a DeFi lending protocol for decentralized finance that also lost $19 million in a flash lending hack last year.
Related: Notorious North Korean hacking group identified as suspect in $100 million Harmony attack
North Korean hacking syndicate – the Lazarus Group – has become the prime suspect in a recent attack that stole $100 million from the Harmony log.
Research by blockchain analysis firm Elliptic claimed North Korea’s involvement based on the laundering methods of the stolen funds:
“There is strong evidence that the North Korean Lazarus Group could be responsible for this theft based on the nature of the hack and subsequent laundering of the stolen funds.”