Share this article
Solana DeFi Protocol Crema Loses $8.8M in Exploit
Crema Finance developers said they are coordinating with “relevant organizations” to gather more information.
Updated Apr 9, 2024, 11:29 p.m. Published Jul 4, 2022, 8:23 a.m.
Solana-based liquidity protocol Crema Finance had more than $8.78 million worth of cryptocurrencies stolen from its platform in an attack over the weekend, developers said in a tweet.
Crema said it had suspended its smart contract after the exploit. The protocol allows liquidity providers to set specific price ranges, add single-sided liquidity and conduct range order trading. This makes for a sophisticated and decentralized trading platform.
STORY CONTINUES BELOW
“We've been closely working with several experienced security institutes and relevant organizations to track the hacker's fund movements,” the developers said in a tweet.
Value locked on Crema plunged to $3 million on Monday from over $12 million on Saturday following the exploit, data shows. Crema has seen trading volumes of $1.34 billion since its inception in January.
The attacker started by creating a fake tick account. A tick account is "a dedicated account that stores price tick data in CLMM,” the developers said, referring to Crema's market making protocol. After that, the attacker exploited a command by writing the data on the fake account and circumventing security measures.
4) After creating the fake tick account, the hacker circumvented our routined owner check on the tick account by writing the initialized tick address of the pool into the fake account. Txid: https://t.co/X0IneBg9ut
— CremaFinance (@Crema_Finance) July 3, 2022
The attacker then used a flash loan to manipulate the prices of assets on liquidity pools. This, along with the false data entries, allowed the attacker to claim “a huge fee amount out from the pool.”
Flash loans allow traders to borrow unsecured loans from lenders by relying on smart contracts instead of third parties.
The stolen funds were swapped to 69422.9 solana (SOL) and 6,497,738 USD coin (USDC). The Solana-based USDC was then bridged to the Ethereum network via Wormhole and swapped to 6,064 ether (ETH). These funds amount to over $8.5 million at current prices.
The attacker’s Ethereum address, 0x8021b2962dB803b73Aa874030B0B42c202E8458F as flagged by blockchain scanning tool Etherscan, had not moved the stolen funds or converted to other coins at writing time, the data show.
More For You
需要了解的:
- As of October 2025, GoPlus has generated $4.7M in total revenue across its product lines. The GoPlus App is the primary revenue driver, contributing $2.5M (approx. 53%), followed by the SafeToken Protocol at $1.7M.
- GoPlus Intelligence's Token Security API averaged 717 million monthly calls year-to-date in 2025 , with a peak of nearly 1 billion calls in February 2025. Total blockchain-level requests, including transaction simulations, averaged an additional 350 million per month.
- Since its January 2025 launch , the $GPS token has registered over $5B in total spot volume and $10B in derivatives volume in 2025. Monthly spot volume peaked in March 2025 at over $1.1B , while derivatives volume peaked the same month at over $4B.
More For You
El Salvador Partners with Elon Musk’s Grok in AI-Powered Education for 1M Students
The nation that first adopted bitcoin as legal tender is looking to pioneer AI-powered education in 5,000 Salvadoran schools with xAI’s Grok
需要了解的:
- El Salvador is partnering with Elon Musk's xAI to launch the world's first national AI-powered public education system.
- The initiative will deploy xAI's Grok chatbot to over 5,000 public schools, benefiting more than a million students and thousands of teachers.
- The project aims to create new AI datasets and frameworks for education, focusing on local context and responsible AI use.
Top Stories
