On the evening of May 14, Sonne Finance, a prominent lending protocol, experienced a severe security breach that resulted in the theft of $20 million in cryptocurrencies. The hack targeted Sonne Finance’s contracts for USD Coin (USDC) and Wrapped Ether (WETH) on the Optimism network.
At approximately 10:30 pm UTC, the Web3 security firm Cyvers detected the attack in progress. Despite Sonne Finance becoming aware of the breach 25 minutes later, the hacker had already extracted cryptocurrencies including WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e). By 12:11 am UTC, Sonne Finance had halted all operations on the Optimism network to prevent further damage.
Immediate Actions and Investigation
Following the discovery of the hack, Sonne Finance collaborated with Cyvers to delve deeper into the incident. The protocol expressed intentions to recover the stolen funds and even proposed a bug bounty to the hacker, offering them to retain a portion of the stolen assets in exchange for returning the majority. However, the hacker showed no interest in negotiating.
Blockchain analysis by PeckShield revealed that shortly after the attack, the hacker moved $7.8 million to a new wallet and swiftly converted assets, exchanging 59 Wrapped Bitcoin (WBTC) for approximately 1,185 Ether and 183,000 Dai. The transactions were seemingly aimed at obfuscating the trail of the stolen funds through privacy protocols, potentially Tornado Cash.
Community Response and Criticism
The hack exposed vulnerabilities in Sonne Finance’s use of Compound v2 forks, known to contain certain flaws. Community members have criticized the protocol for its decision to use a vulnerable system, with some suggesting the oversight could have been deliberate.
This incident underscores the ongoing risks within decentralized finance (DeFi) related to security vulnerabilities. It also highlights the challenges in managing and safeguarding digital assets against sophisticated cyber threats.
Additional Related Incidents
Parallel to this event, BlockTower Capital, a major crypto institutional investment firm, also reported an exploit. Details remain scarce, but it is known that a significant amount of assets were affected, adding to the concerns about security in the crypto finance sector.
The Sonne Finance hack is a stark reminder of the critical need for enhanced security measures within the DeFi space. As the protocol and the community assess the fallout and seek paths to recovery, the incident may catalyze important discussions and developments aimed at bolstering the resilience of digital asset platforms against such threats.
The crypto community and potential investors are advised to stay informed and cautious, considering the volatile nature of the crypto markets and the sophistication of cyber threats targeting digital assets.
Featured image credit: Sonne Finance via Medium