Crema Finance Attacker Returns Stolen Funds, Accepts Bounty Reward

Crema Finance announced on July 7, 2022, four days after the hack of the Crema Finance DeFi protocol, that the hacker has accepted a bounty of 45,455 SOL, and has returned 6,064 ETH and 23967.9 SOL.

Crema Finance Funds Returned 

Through a Twitter thread, the DeFi protocol, Crema Finance, shared an update on the latest security breach the platform suffered on July 3, 2022. The project informed the community that an agreement with the hacker was successfully concluded after what it defined as ‘a long negotiation.’ As a bug bounty reward, the hacker gets to keep 45,455 SOL and refunds 6,064 ETH and 23,967.9 SOL.

Following the refund process carried out in four transactions, the platform promised to follow up with a compensation plan in 48 hours.

This hack, which is the fourth major attack on the liquidity aggregation protocol, saw the hacker cart away $8,782,446 which was gathered from different liquidity pools.

Responding to the news of the Crema Finance negotiations and refund, @ZachXBT, a self-acclaimed on-chain sleuth, opined that the hacker(s) made a good choice by accepting the bounty as certain transactions, ‘suspiciously timed Tornado withdrawals’, could reveal their identity.

A smart decision here by the hacker to negotiate a bounty & return funds (18.5% of $8.8m). Interestingly enough they did a relatively poor job of covering their tracks.

Two suspiciously timed Tornado withdrawals lead back to an address funded via Gemini https://t.co/zLmTwciQEy https://t.co/jUBsmk0XdD pic.twitter.com/4tZIjG9KiD

— ZachXBT (@zachxbt) July 6, 2022

While the security measures should remain under continual upgrade, the hackers’ weak moves might provide an effective option to recover some of the stolen funds. This could help reduce the losses incurred through white hat bounties, which have been likened to ‘terrorist demands’ in recent times.

The Rise in Crypto Cybercrime and the Repeating History

The hack was made possible through a flaw in one of the project’s features, the flash loan feature, but this is not the only successful heist to further disturb the crypto community. The Horizon Bridge hackers of Harmony One is another recent attack that threatens the trust of the security of crypto projects and platforms.

Just recently, crypto.news revealed that in Q1 2022 alone, hackers looted almost $2B from crypto projects and protocols. These bad actors mostly targeted projects in the Ethereum (ETH), Solana (SOL), and Binance Smart Chain (BSC), ecosystems, as well as non-fungible token (NFT) projects.

History seems to be repeating itself in these attacks during a bearish market.

In the 2018 dip, there were reports of similar crypto heists, with hackers getting away with up to 5,966 bitcoins (BTC), aside from other stolen tokens, in just one attack. Once again, these attacks are deepening the fear and worries of crypto investors and DeFi market participants.

Since the emergence of the Blockchain and the growth of crypto projects, hackers have kept upgrading their tactics, with each attack revealing weak links in the chain and loopholes in the strategies.

Hopefully, this recent rise in attacks will not only lead to more sophisticated security measures in both the attacked and the observing crypto players but will also help the security department of different crypto platforms to stay ahead of the hackers’ game, even in a bear market.