About Crema Finance
Crema finance is a decentralised liquidity protocol based on Solana.
It offers a solution to illiquid markets by offering rewards to liquidity providers to swap illiquid cryptocurrencies.
The exploiter found a vulnerability in its tick size and activated six flash loans worth around $8.78 millon.
The attacker swapped the stolen fund into 69422.9 SOL and 6,497,738 USDCet via Jupiter. Then, the USDCet was bridged to the Ethereum network with the help of Wormhole and swapped to 6,064ETH via Uniswap soon after.
The Crema team messaged to the hackers ethereum address on-chain:
“To the Crema hacker: Your address on both Solana and Ethereum have been blacklisted and all eyes are on you right now. You have 72h from now to consider becoming a white hat and keeping $800k as a bounty. And transfer remaining funds back to our contract-update-authority address.
The hacker agreed to return the funds and kept 45455 SOL as Bounty.