Token Radar
Token Radar
Markets
Top 100
Growth leaders
Leaders of fall
Blockchains
Tags
Crypto data
News
Exchanges
Funds
ICO/IDO
Tools
Converter
BTC Unit converter
ETH Unit converter
Cryptocurrency news

Sonne Finance Token Drops 60% After $20M Exploit on Optimism

CoinDesk / 15.05.2024 / 09:28
Sonne Finance Token Drops 60% After $20M Exploit on Optimism
Sonne Finance's SONNE token plummeted 60% to 2.5 cents after a hack drained $20 million from the decentralized lending protocol.The exploiters used a "donation" attack to manipulate markets. The incident occurred on the Optimism blockchain version; the Base blockchain version was unaffected.The exploit happened after the protocol added token markets for Velodrome Finance's VELO. The attacker took advantage of a two-day timelock to execute four transactions, creating markets and adding collateral factors.

Sonne Finance's SONNE token slumped after the developers acknowledged a hack that drained $20 million from the decentralized lending protocol early Wednesday.

SONNE slid 60% to 2.5 cents, its lowest level in over a year, cutting market cap to $20 million even after the developers said they were able to stop $6.5 million being siphoned off once they realized the attack was happening.

The exploiters utilized a “donation” attack to manipulate certain markets offered by the platform, stealing various tokens before being interrupted. The incident occurred on Sonne’s platform on the Optimism blockchain. The Base blockchain version was not affected. (Think of this as a mobile application getting hacked on Apple iOS, but remaining safe on Android.)

How the Exploit Happened

The exploit occurred after the protocol added token markets for Velodrome Finance’s VELO following a recent community proposal. The attacker took advantage of a two-day timelock to execute four transactions, which included creating markets and adding collateral factors.

A timelock contract is a smart contract embedded in a blockchain that executes a transaction at a specific time, in this case, two days after it was locked.

The attacker executed transactions by donating large amounts of cryptocurrency to manipulate the exchange rate between two tokens. That effectively tricked the platform into believing it had more collateral than was really available.

Blockchain data shows the attacker managed to transfer millions of VELO, ether, and USD Coin (USDC) following the manipulation. They later converted this to $8 million in bitcoin and ether and transferred the funds to a new wallet address in early European hours.

The protocol had previously avoided similar issues by adding markets with zero collateral factors, manually adding collateral, and permanently removing it before anyone was able to manipulate the market.

In a report on the exploit, the developers said they were working on retrieving the stolen funds and floated a bounty for the hacker.

Edited by Sheldon Reback.

Source
Recently News
See all news
  • Token Radar
© Token Radar 2024. All Rights Reserved.
IMPORTANT DISCLAIMER: All content provided herein our website, hyperlinked sites, associated applications, forums, blogs, social media accounts and other platforms (“Site”) is for your general information only, procured from third party sources. We make no warranties of any kind in relation to our content, including but not limited to accuracy and updatedness. No part of the content that we provide constitutes financial advice, legal advice or any other form of advice meant for your specific reliance for any purpose. Any use or reliance on our content is solely at your own risk and discretion. You should conduct your own research, review, analyse and verify our content before relying on them. Trading is a highly risky activity that can lead to major losses, please therefore consult your financial advisor before making any decision. No content on our Site is meant to be a solicitation or offer.