Skip to content

CremaFinance hacker has returned over $8 million

The attacker to the Crema Finance protocol returned most of the funds to the project and kept a small amount as a reward.

The liquidity aggregator protocol Crema Finance on Solana was attacked by hackers, stealing more than $8.7 million in cryptocurrency, including 69,422 SOL and 6.5 million USDC, and quickly converted to ETH.

The cause of the attack is said to come from the flash loan features as well as the flaws in the project claim fee mechanism.

Crema Finance then asked the hacker to return the money with a pledge to let him keep $800,000 as a bug bounty reward.

By the morning of July 7, the project said that the hacker had agreed to return the money after negotiation. Accordingly, Crema Finance received 6,064 ETH and 23,967 SOL, equivalent to nearly 7.9 million USD. Under the agreement, the hacker will be allowed to keep 45,455 SOL ($1.65 million) as a bug bounty.

In the past time, there have also been many cases of hackers “returning wages” money to projects that have been attacked by them.