Sonne Finance Hacked for $20M, Markets Paused on Optimism Network

by BSC News

May 15, 2024


The attack, first detected by Web3 security firm Cyvers, saw the hacker exploit a two-day timelock to manipulate the platform and steal Wrapped Ether (WETH), Velo (VELO), soVELO, and Wrapped USDC (USDC.e).

Sonne Finance, a decentralized lending protocol, experienced a severe exploit on Wednesday morning in Asia, resulting in approximately $20 million in losses.ย 

The attack was first detected by Web3 security firm Cyvers on May 14 at around 10:30 pm UTC. Despite the prompt detection, the hacker managed to steal $20 million in Wrapped Ether (WETH), Velo (VELO), soVELO, and Wrapped USDC (USDC.e) before Sonne Finance became aware of the situation 25 minutes later.

Nature of the Exploit

The attackย occurred following Sonne Finance's addition of token markets for Velodrome Financeโ€™s VELO, a decision made after a community proposal. The hacker exploited a two-day timelock to execute four transactions, which included creating markets and adding collateral factors.ย 


The attacker executed transactions by donating large amounts of cryptocurrency to manipulate the exchange rate between two tokens. This manipulation tricked the platform into believing it had more collateral than was actually available.ย 


Blockchain data reveals that the attacker managed to transfer millions of VELO, ether, and USDC following the manipulation. They later converted these assets into $8 million in bitcoin and ether, transferring the funds to a new wallet address in the early hours of the European trading session.


The hacker swapped 59 WBTC for approximately 1,185 ether and 183,000 DAI, indicating an intent to use a privacy protocol like Tornado Cash to obscure the trail of the stolen funds. This strategic move highlights the sophisticated techniques employed by the attacker to avoid detection and traceability.


The hack had a significant impact on the market, causing the price of SONNE to plummet by 60% to 2.8 cents, its lowest level in over a year. This decline cut the market cap toย $2.2 million, even after the developers managed to stop $6.5 million from being siphoned off once they became aware of the attack.

Markets Paused and Partnership with Cyvers

Sonne Finance paused all markets on the Optimism network in response to the breach on X (formerly Twitter). This quick action aimed to prevent further losses. Sonne Finance then partnered with Cyvers to investigate the incident.

Sonne Finance is currently exploring all options to retrieve the stolen funds. One approach under consideration is negotiating a bug bounty with the hacker. In such scenarios, the hacker might return most of the stolen funds and keep roughly 10% as a reward for identifying a security flaw.ย 


The team has indicated that, while they cannot recover the stolen funds immediately, the investigation into the hackerโ€™s identity is ongoing.


This is not the first time Sonne Finance has faced security challenges. In February 2023, the protocol lost $1.55 million of TrueFi tokens in an exploit. Such recurring issues highlight the persistent vulnerabilities within DeFi protocols and the need for continuous improvement in security practices.


Disclaimer: The views expressed in this article do not necessarily represent the views of BSCNews. The information provided in this article is for educational and informational purposes only and should not be construed as investment advice. BSCNews assumes no responsibility for any investment decisions made based on the information provided in this article

Related News

More News