1. Home
  2. Crema Finance

Crema Finance

New York prosecutor charges hacker over $9M exploit of Solana-based exchange

A skilled computer security engineer has been charged with wire fraud and money laundering related to an attack on a decentralized exchange.

A former security engineer for an international technology firm has been arrested and charged for allegedly using a smart contract bug to steal $9 million in cryptocurrency from a Solana-based decentralized crypto exchange.

On June 11, the United States Attorney for the Southern District of New York Damian Williams announced the “first-ever criminal case” involving an attack on a smart contract operated by a decentralized exchange (DEX).

In a statement, Williams claims the accused — Shakeeb Ahmed — “used his expertise to defraud the exchange and its users and steal approximately $9 million in cryptocurrency.”

Williams said the attack was carried out in July 2022 and was aimed at a Solana-based DEX.

The attack involved exploiting a vulnerability in the exchange's smart contracts to generate inflated fees with flash loans.

These were then withdrawn and laundered through a “series of complex transfers on the blockchain where he swapped cryptocurrencies, hopped across different crypto blockchains, and used overseas crypto exchanges.”

While Williams did not disclose the DEX that was exploited in July, previous reporting from Cointelegraph reveals an unknown hacker exploited Solana-based liquidity protocol Crema Finance on July 2, 2022, stealing $9.6 million in cryptocurrency.

The exploiter later returned most of the funds but was allowed to keep $1.6 million as a white hat bounty.

Similarly, William’s statement also noted that Ahmed decided to return all of the stolen funds except for $1.5 million on condition the crypto exchange did not refer the attack to law enforcement.

“None of those actions covered the defendant’s tracks or fooled law enforcement, and they certainly didn’t stop my Office or our law enforcement partners from following the money,” he said.

Ahmed was arrested in New York and has been indicted on charges of wire fraud and money laundering related to the attack of the Solana-based DEX in July 2022.

Cointelegraph contacted Crema Finance for clarification but did not immediately receive a response.

Related: Crypto hacks and exploits snatch over $300M in Q2 2023

Responding to the recent news, crypto, and startup lawyer "Orlando.btc" commented that the move could be good for the overall DeFi ecosystem.

The indictment indicates that the Department of Justice will “pursue criminal charges if a person intentionally uses a protocol in a way that it was not *intended* to be used,”

Magazine: Should crypto projects ever negotiate with hackers? Probably

‘Omega Candle’ Is the Next Step for Bitcoin, Says BTC Veteran Samson Mow – Here’s What He Means

Defi Attacker Siphons $570,000 From Curve Finance, Crypto Exchange Fixedfloat Freezes 112 Ethereum

Defi Attacker Siphons 0,000 From Curve Finance, Crypto Exchange Fixedfloat Freezes 112 EthereumReports indicate that the decentralized finance (defi) protocol Curve was hacked for $570,000 in ethereum after people noticed that Curve’s front end was exploited. The attackers then tried to launder the funds via the crypto exchange Fixedfloat, and the trading platform’s team managed to freeze $200K worth of the stolen funds. Curve Finance Exploited for […]

‘Omega Candle’ Is the Next Step for Bitcoin, Says BTC Veteran Samson Mow – Here’s What He Means

Crema Finance Hacker Negotiates With Defi Project’s Team, Returns $8 Million in ETH and SOL

Crema Finance Hacker Negotiates With Defi Project’s Team, Returns  Million in ETH and SOLFollowing the hack on July 2, 2022, the team behind the decentralized finance (defi) protocol Crema Finance detailed that after some negotiation, the hacker returned roughly $8 million in crypto assets. According to the team, the hacker agreed to take a white hat bounty worth 45,455 solana. Hacker Returns $8 Million in Crypto to Crema […]

‘Omega Candle’ Is the Next Step for Bitcoin, Says BTC Veteran Samson Mow – Here’s What He Means

Crema hacker returns $8M, keeps $1.6M in deal with protocol

The Crema Finance team awarded the hacker who made off with nearly $10 million in funds from the protocol 16.7% of the stolen funds as a white hat bounty.

The hacker who exploited Solana-based liquidity protocol Crema Finance on July 2 returned most of the funds but was allowed to keep $1.6 million as a white hat bounty.

The bounty, 45,455 Solana (SOL), is worth a generous 16.7% of the $9.6 million Crema lost initially, which forced the protocol to suspend services.

Crema’s team began an investigation to identify the hacker by tracking their Discord handle and tracing the original gas source for the hacker’s address. Just as it seemed the team may have been onto the secret identity, it announced that it had been negotiating with the hacker. On Wednesday, the hacker returned 6,064 Ether (ETH) and 23,967 SOL worth roughly $8 million.

The hacker returned the funds in a series of transactions on Ethereum and Solana networks. The first transaction on each network was a test with a negligible amount of coins, while the following was worth the majority of the funds sent.

Users of Crema and the team have reason to rest easier now that the funds have been secured, but there is still work to do. The team announced on Tuesday before the deal had been reached, that it submitted new code for auditing to ensure that the same exploit did not happen again.

Although the community awaits an official post-mortem on the attack, the Crema team outlined what happened in a Sunday thread on Twitter. The attacker took out a flash loan from the Solend decentralized finance (DeFi) lending protocol, which was added as liquidity to a Crema pool.

The hacker then fabricated pricing data to make it seem as though they were owed a much bigger reward than they should have. This allowed them to take “a huge fee amount,” worth about $9.6 million from the pool to, which they added the flash loan.

Related: Dutch University set to recover more than twice the paid BTC ransom in 2019

The Crema protocol will be back up and running after the audit is complete, according to the team’s tweet. The team will also issue a compensation plan for affected users by July 8.

Crema is lucky to have recovered as much of the funds as it did, considering the calamity that befell the Horizon Bridge on Harmony last month. A hacker stole $100 million in crypto from Harmony’s token bridge and rejected the $1 million white hat bounty to return the funds.

‘Omega Candle’ Is the Next Step for Bitcoin, Says BTC Veteran Samson Mow – Here’s What He Means

Exploit Forces Crema Finance to Temporarily Suspend Services, $8.7 Million Stolen

Exploit Forces Crema Finance to Temporarily Suspend Services, .7 Million StolenAccording to the decentralized finance (defi) protocol Crema Finance, the application was hacked on July 2, 2022. A Twitter account called “Solanafm” says the defi protocol lost around $8.7 million from the attack. Crema Finance Vulnerability Causes Defi App to Lose Millions — 6 Flashloans Executed Another defi protocol has lost funds to a hacker […]

‘Omega Candle’ Is the Next Step for Bitcoin, Says BTC Veteran Samson Mow – Here’s What He Means