Loading...

Sonne Finance loses $20 million in crypto heist

In this post:

  • $20M crypto heist hits Sonne Finance, hacker laundering funds.
  • Sonne tries bounty, but the hacker rebuffs, and talks launders loot.
  • BlockTower Capital fund was also breached, analysts tracing stolen crypto.

Sonne Finance was forced to shut down its operations after a hacking attack that made out of $20 million in cryptocurrencies, including WETH and USDC. The attempts to retrieve the cash are in progress. On May 14, around 10:30 pm UTC, the security firm Cyvers of the Web3 discovered an ongoing attack on the USD Coin and Wrapped Ether (WETH) contracts of Sonne Finance.

Sonne $20M crypto heist

Nevertheless, when Sonne Finance learned about the situation 25 minutes later, the hacker had already stolen $20 million of WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e). On May 15 at 12:11 a.m. UTC, Sonne Finance revealed on X that all markets on Optimism had been stopped. Soon after, the protocol team joined hands with Cyvers to investigate the situation in depth.

Sonne is investigating everything to recover the stolen money and negotiating a bug bounty for the hacker. In such scenarios, the hacker gives back most of the stolen money and keeps almost 10% of the loot as a reward for discovering a security flaw.

The hacker is not at all willing to hold any talks. As PeckShield, the blockchain detective, says, the attacker has already moved a large amount of the stolen money ($7.8 million) to a new wallet address. The transaction involved the exchange of 59 WBTC for an estimated 1,185 Ether and 183,000 Dai.

BlockTower fund breach

The action shows a clear intention to transfer the stolen funds through a privacy protocol such as Tornado Cash to avoid the possibility of being traced. A post-mortem by Sonne Finance has revealed that a donation attack was carried out on Sonne’s Compound v2 forks, which had a known bug. The PoorBabyCorn community member has confirmed this information.

They alleged that Sonne Finance implemented Compound v2 even when they were fully aware of the risks and asked, If this is not a deliberate backdoor, what is it?

Besides, the main hedge fund of the crypto institutional investment firm BlockTower Capital has allegedly been cracked and partially emptied.

The money has not been recovered, and BlockTower hired blockchain forensic analysts to find out where the money went and how they breached it.

Disclaimer. The information provided is not trading advice. Cryptopolitan.com holds no liability for any investments made based on the information provided on this page. We strongly recommend independent research and/or consultation with a qualified professional before making any investment decisions.

Share link:

Most read

Loading Most Read articles...

Stay on top of crypto news, get daily updates in your inbox

Related News

BlockTower
Cryptopolitan
Subscribe to CryptoPolitan