Sonne Finance loses $20 million in crypto heist

Sonne Finance was forced to shut down its operations after a hacking attack that made out of $20 million in cryptocurrencies, including WETH and USDC. The attempts to retrieve the cash are in progress. On May 14, around 10:30 pm UTC, the security firm Cyvers of the Web3 discovered an ongoing attack on the USD […]

CryptoFortress

May 15, 2024 - 13:00

Sonne Finance loses $20 million in crypto heist

Ads by Eonads

Sonne Finance was forced to shut down its operations after a hacking attack that made out of $20 million in cryptocurrencies, including WETH and USDC. The attempts to retrieve the cash are in progress. On May 14, around 10:30 pm UTC, the security firm Cyvers of the Web3 discovered an ongoing attack on the USD Coin and Wrapped Ether (WETH) contracts of Sonne Finance.

Ads by Eonads

Sonne $20M crypto heist

Nevertheless, when Sonne Finance learned about the situation 25 minutes later, the hacker had already stolen $20 million of WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e). On May 15 at 12:11 a.m. UTC, Sonne Finance revealed on X that all markets on Optimism had been stopped. Soon after, the protocol team joined hands with Cyvers to investigate the situation in depth.

All markets on Optimism have been paused.

Markets on Base are safe.

We'll provide more information with time.— Sonne Finance (@SonneFinance) May 15, 2024

Sonne is investigating everything to recover the stolen money and negotiating a bug bounty for the hacker. In such scenarios, the hacker gives back most of the stolen money and keeps almost 10% of the loot as a reward for discovering a security flaw.

The hacker is not at all willing to hold any talks. As PeckShield, the blockchain detective, says, the attacker has already moved a large amount of the stolen money ($7.8 million) to a new wallet address. The transaction involved the exchange of 59 WBTC for an estimated 1,185 Ether and 183,000 Dai.

#PeckShieldAlert @SonneFinance exploiter-labeled address has transferred $7.8M worth of cryptos, including 100 $WBTC & 556.1 $ETH, to a new address 0x6277…4c07 #Optimism pic.twitter.com/g4oiP5akr4— PeckShieldAlert (@PeckShieldAlert) May 15, 2024

BlockTower fund breach

The action shows a clear intention to transfer the stolen funds through a privacy protocol such as Tornado Cash to avoid the possibility of being traced. A post-mortem by Sonne Finance has revealed that a donation attack was carried out on Sonne’s Compound v2 forks, which had a known bug. The PoorBabyCorn community member has confirmed this information.

They alleged that Sonne Finance implemented Compound v2 even when they were fully aware of the risks and asked, If this is not a deliberate backdoor, what is it?

Besides, the main hedge fund of the crypto institutional investment firm BlockTower Capital has allegedly been cracked and partially emptied.

The money has not been recovered, and BlockTower hired blockchain forensic analysts to find out where the money went and how they breached it.