Sonne Finance Cyberattack: Decentralized Lending Platform Loses $20 Million

On May 14th, Sonne Finance, a decentralized lending protocol, faced a cyberattack that resulted in the theft of $20 million. The attack, which occurred around 10:30 pm UTC, was orchestrated by exploiting a donation feature within the platform, allowing the perpetrator to manipulate exchange rates and steal various tokens.

Sonne Finance Hack: Decentralized Lending Protocol Loses $20 Million, Token Value Plummets

On May 14th, at approximately 10:30 pm UTC, decentralized lending protocol Sonne Finance fell victim to a brazen cyberattack that resulted in the theft of $20 million worth of cryptocurrency. This catastrophic event has sent shockwaves through the industry and exposed critical vulnerabilities in the burgeoning DeFi sector.

The perpetrators of this malicious plot exploited a flaw in Sonne Finance's "donation" feature, cleverly manipulating the platform's token markets to pilfer a vast array of digital assets. The attack targeted pairs offered by the platform, and the hackers managed to steal multiple tokens before their actions were detected and ultimately halted.

Sonne Finance, in a move to enhance its platform's functionality, had recently introduced token markets for Velodrome Finance's VELO in response to a community proposal. However, this move inadvertently created an opportunity for the attackers to exploit a two-day timelock embedded within the protocol.

Timelock contracts are smart contracts designed to execute transactions at a predetermined time. In the case of Sonne Finance, this timelock was set to two days after it was initiated. The attacker, with cunning and malicious intent, donated substantial amounts of crypto assets to manipulate the exchange rate between two tokens. This deceptive tactic tricked the platform into believing there was sufficient collateral, a fabricated illusion.

The attack was first detected by Cyvers, a renowned Web 3.0 security firm, approximately 25 minutes after its commencement. However, the exploit had already taken its toll on the Optimism blockchain version of the Sonne Finance platform, while the Base version remained unscathed.

The stolen cryptocurrency included Sonne Finance's USD Coin (USDC), Wrapped Ether (WETH) contracts, Velo (VELO), soVELO, and Wrapped USDC (USDC.e). The perpetrator swiftly converted $8 million worth of these digital currencies into Bitcoin (BTC) and Ethereum (ETH), transferring them to a newly created wallet address, leaving behind a trail of malicious activity.

Sonne Finance, determined to recover its stolen assets, announced the suspension of all markets on the Optimism blockchain. The protocol has partnered with Cyvers to conduct a thorough investigation into the incident. Additionally, Sonne Finance has informed users that they are actively pursuing the recovery of the siphoned cryptocurrencies.

In an attempt to entice the hacker to collaborate in identifying the vulnerability exploited, Sonne Finance has offered a 10% bug bounty, allowing the perpetrator to retain a portion of the stolen funds. However, the hacker's decision to transfer a significant amount of digital assets to a new wallet suggests a reluctance to engage in negotiations.

This brazen attack on Sonne Finance highlights the ongoing challenges and vulnerabilities faced by the DeFi sector. It underscores the critical need for enhanced security measures and robust protocols to safeguard user funds and protect the integrity of decentralized finance.

The incident serves as a wake-up call for the entire crypto community, emphasizing the paramount importance of vigilance, due diligence, and constant innovation to stay ahead of malicious actors. As the DeFi landscape continues to evolve, it is imperative that protocols, exchanges, and users alike remain vigilant to combat cyber threats and ensure the integrity of the burgeoning digital asset ecosystem.