Crema Finance has lost $9,000,000

Crema Finance is a Solana-based concentrated liquidity protocol that has temporarily suspended its operations to investigate an exploit that made them $8,780,000 poorer.

According to an update provided by the company, it all started with a ticking vulnerability. The hacker activated six flash credits from Solend Pool and used Wormhole Exchange to accumulate the stolen funds. To use the flash credit, the hacker first deployed his program on the network, which was shut down immediately after the exploit. Solend, on the other hand, was unaffected, and the funds were safe.

The attackers' addresses in Solana and Ethereum are blacklisted. The team contacted them via a message to their Ethereum address, which offered not to goat, return the dough and keep $800k for it. As usual - keep watching how this all ends.