Sonne Finance, a decentralized lending protocol built on the Optimism and Base blockchains, has fallen victim to a $20 million exploit, causing its native SONNE token to plummet by 60%.
The attack, which occurred on Wednesday, took advantage of a vulnerability in the protocol’s Compound v2 forks, enabling the hacker to manipulate markets and steal various tokens, including ether, velo, and stablecoins.
TLDR
- Sonne Finance, a decentralized lending protocol, suffered a $20 million exploit due to a vulnerability in its Compound v2 forks.
- The attacker used a “donation” attack to manipulate markets on the Optimism blockchain version of the protocol, stealing various tokens, including ether, velo, and stablecoins.
- Sonne Finance’s SONNE token plummeted 60% to 2.5 cents following the hack, cutting its market cap to $20 million.
- Developers were able to mitigate the attack and pause operations on Optimism, but markets on the Base blockchain remained unaffected.
- The protocol is working on retrieving the stolen funds and has offered a bounty to the attacker in exchange for their return, but the hacker has already moved a large portion of the loot to a new wallet address.
The attacker employed a “donation” attack, a method that involves manipulating the exchange rate between two tokens by donating large amounts of cryptocurrency.
This effectively tricked the platform into believing it had more collateral than was actually available, allowing the hacker to siphon off funds.
Blockchain data reveals that the attacker managed to transfer millions of VELO, ether, and USD Coin (USDC) following the manipulation.
They later converted $8 million of the stolen funds into bitcoin and ether, transferring them to a new wallet address in the early hours of the morning.
#PeckShieldAlert @SonneFinance exploiter-labeled address has transferred $7.8M worth of cryptos, including 100 $WBTC & 556.1 $ETH, to a new address 0x6277…4c07 #Optimism
— PeckShieldAlert (@PeckShieldAlert) May 15, 2024
The exploit occurred shortly after Sonne Finance added token markets for Velodrome Finance’s VELO, following a recent community proposal.
The attacker took advantage of a two-day timelock to execute four transactions, creating markets and adding collateral factors. Timelocks are smart contracts that hold queued transactions and only allow them to execute after a set delay, in this case two days after being locked.
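An added example, not Sonne Finance's or Compound's code: a Python model of the Compound v2 exchange-rate formula, (cash + borrows - reserves) / cToken supply, showing why the donation described above moves the rate far more in a thinly supplied new market than in a seeded one, together with a pre-listing check on the collateral factor. The `Market` fields, sample balances, `initial_rate` and the `min_supply` threshold are assumptions constructed for illustration.

```python
from dataclasses import dataclass, replace
from fractions import Fraction

MANTISSA = 10**18  # Compound v2 scales exchange rates by 1e18

@dataclass(frozen=True)
class Market:
    """Constructed snapshot of one cToken market; amounts are in base units."""
    name: str
    cash: int                    # underlying held by the cToken contract
    borrows: int
    reserves: int
    total_supply: int            # cTokens in circulation
    collateral_factor: Fraction  # 0 means the asset cannot back loans

def exchange_rate(m: Market, initial_rate: int = 2 * 10**26) -> int:
    """Underlying per cToken scaled by 1e18; initial_rate is an assumed listing value."""
    if m.total_supply == 0:
        return initial_rate
    return (m.cash + m.borrows - m.reserves) * MANTISSA // m.total_supply

def donation_multiplier(m: Market, donation: int) -> Fraction:
    """Factor by which the rate moves if `donation` lands in cash without minting."""
    after = replace(m, cash=m.cash + donation)
    return Fraction(exchange_rate(after), exchange_rate(m))

def listing_findings(m: Market, min_supply: int = 10**10) -> list[str]:
    """Flag markets usable as collateral while supply is too thin (threshold assumed)."""
    if m.collateral_factor > 0 and m.total_supply < min_supply:
        return [f"{m.name}: collateral factor {m.collateral_factor} with "
                f"total supply {m.total_supply} < {min_supply}; seed before enabling"]
    return []

# Constructed sample markets (18-decimal underlying, 8-decimal cToken).
SEEDED = Market("seeded", 5_000_000 * 10**18, 0, 0, 25 * 10**15, Fraction(7, 10))
FRESH = Market("fresh", 4 * 10**8, 0, 0, 2, Fraction(35, 100))
DONATION = 1_000 * 10**18  # same donation applied to both markets

if __name__ == "__main__":
    for mkt in (SEEDED, FRESH):
        print(mkt.name, float(donation_multiplier(mkt, DONATION)), listing_findings(mkt))
```

Run against real market snapshots, the same check belongs in the review of any governance proposal that sets a nonzero collateral factor, before the timelock delay expires.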
In response to the attack, Sonne Finance’s developers were able to mitigate the damage and pause all markets on the Optimism blockchain.
However, the protocol’s markets on the Base blockchain remained operational, as the exploit only affected the Optimism version of the platform.
The incident had a significant impact on the value of Sonne Finance’s native token, SONNE, which plummeted by 60% to 2.5 cents, its lowest level in over a year.
This drop in price cut the token’s market cap to $20 million, despite the developers’ efforts to prevent an additional $6.5 million from being stolen once the attack was discovered.
Sonne Finance has stated that they are working on retrieving the stolen funds and have offered a bounty to the hacker in exchange for their return.
However, the attacker has already moved a large portion of the loot, approximately $7.8 million worth of cryptocurrencies, to a new wallet address, suggesting that they may not be interested in negotiating a return of the funds.
The exploit has raised questions about the security of decentralized lending protocols and the risks associated with using forked versions of existing platforms.
Some members of the crypto community have criticized Sonne Finance for using Compound v2 despite being aware of its known vulnerabilities, with one individual even suggesting that the exploit may have been a premeditated backdoor.