$20m Exploitation Cripples Son’s Finances, Hacker Doesn’t Feel Like Negotiating

$20m Exploitation Cripples Son's Finances, Hacker Doesn't Feel Like Negotiating


Lending protocol Son Finance was forced to suspend its operations after withdrawing an estimated $20 million worth of cryptocurrencies from the market.

On May 14, around 10:30 UTC, Web3 security firm Syvers noticed an ongoing attack on Son Finance's US Dollar (USDC) and Ethereum (WETH) contracts.

However, by the time Sony Finance learned of the situation 25 minutes later, the hacker had stolen $20 million in WETH, VELO (VELO), soVELO and Wrapped USDC (USDC.e).

Source: Son Finance

On May 15 at 12:11 a.m. UTC, Son Finance announced on X that “all bullish markets are standing still.” Soon after, the protocol teamed up with Syvers to investigate the situation further.

Phemex

Son is currently exploring all options to recover the stolen funds, including negotiating a bug bounty for the hacker. In such cases, the hacker returns most of the stolen money and keeps 10% of the loot as a reward for finding the security flaw.

However, the hacker seems to be in no mood for negotiation. According to blockchain investigator PeckShield, the exploiter transferred most of the loot ($7.8 million) to a new wallet address.

0bed5fef 4753 45d2 a4b0 5e29167070b5
Source: PeckShield

The exploiter converted 59 WBTC to 1,185 ETH and 183,000 DAI. The move suggests a desire to curb the possibility of tracking stolen funds using Tornado's raw privacy protocol.

Sonne Finance's post-mortem donation attack was conducted on Sonne's Compound v2 forks, which had a known bug, according to X community member PoorBabyCorn.

He accused Son Finance of knowingly using Compound v2 and asked, “If this isn't a premeditated backdoor, what is?” they asked.

In parallel, crypto institutional investment firm Blocktower Capital's flagship hedge fund was reportedly divested and partially exited.

The funds have not been recovered and BlockTower has hired blockchain forensic analysts to trace the funds and determine how they were compromised. The exploiter has not been caught, Bloomberg reported on May 15, citing people familiar with the matter.

Related: Stolen Poloniex Ether Worth $53M Never Returned to Exchange

The partners were informed about the incident. It is said to have $1.7 billion in assets under management.

BlockTower did not immediately respond to Cointelegraph's request for comment.

In February of last year, BlockTower appears to have lost around $1.5 million in a $2 million exploit from multi-chain exchange aggregator Dexible.

Dexible said 85 percent of the stolen funds came from “a few big whales.” On-chain intelligence platform Arkham Intelligence has identified a $1.5 million leaked wallet as belonging to Blocktower.

Magazine: ‘Sic AIs on Each Other' AI to Prevent Apocalypse: David Brin, Sci-Fi Author

Leave a Reply

Pin It on Pinterest