Solana-based liquidity protocol Crema Finance had more than $8.78 million worth of cryptocurrencies stolen from its platform in an attack over the weekend.

Crema Finance is a protocol for concentrating liquidity that runs on top of the Solana blockchain.

The protocol enables liquidity providers to add single-sided liquidity, define price ranges, and trade range orders. As a result, a sophisticated and decentralized trading platform is created.

As soon as Crema Finance became aware of the hack on its protocol, it took immediate action to suspend the liquidity services.

This was done to prevent the hacker from depleting the liquidity reserves of Crema Finance, which included the cash of the service provider and investors.

Over the weekend, Crema confirmed the incident over Twitter and stated they were temporarily suspending their operation.

The Tweet reads, "Attention! Our protocol seems to have just experienced a hacking. We temporarily suspended the program and are investigating it. Updates will be shared here ASAP."

Crema Finance's Hacking Incident

The Solana-based protocol, Crema Finance, was transparent with their audience on Twitter and updated the current findings about how the hacking happened.

The Solana-based platform was attacked by a hacker who created a fake tick account. A dedicated account known as a tick account is used by CLMM to store data regarding price ticks.

Unfortunately, the hacker was able to go beyond Crema's routine account owner check that was performed on the tick account.

The next thing the hacker did was deploy a contract, which the hacker then utilized to borrow a flash loan from Solend in order to add liquidity to open positions on Crema.

Traders are able to obtain unsecured loans from lenders through the use of flash loans since they rely on smart contracts rather than on third-party intermediaries.

The information found in the tick account is utilized extensively throughout the process of calculating transaction fees in CLMM.

As a consequence of this, the genuine transaction fee data was substituted with the faked data, and as a consequence, the hacker was able to finish the theft by claiming a substantial fee amount from the pool.

Read Also: Bank of the West Warns Customers After Skimmers That Steal Debit Card Info were Found in ATMs

Crema Finance's Crypto Hacker

Crema Finance stated that after the incident, another way they could minimize the impact is to suspend their smart contract. The DeFi company stated that they are currently working with security specialists that are experienced in the field and relevant organizations to track the movement of the hacked crypto.

According to CoinDesk, "The stolen funds were swapped to 69422.9 solana (SOL) and 6,497,738 USD Coin (USDC)." The report added, "The Solana-based USDC was then bridged to the Ethereum network via Wormhole and swapped to 6,064 ether (ETH)."

Since its initial conception in January, the protocol has seen $1.34 billion in trading volume. CoinDesk stated that the value of Crema was reduced to $3 million on Monday from over $12 million on Saturday as a result of the hacking incident.

At today's values, these funds are worth more than $8.5 million in total. The SOLANA address of the hacker is Esmx2QjmDZMjJ15yBJ2nhqisjEt7Gqro4jSkofdoVsvY.

While the hacker's Ethereum address is 0x8021b2962dB803b73Aa874030B0B42c202E8458F.

According to Etherscan, the Ethereum address has not moved the stolen assets or converted them to any other currency as of the time this article was written.

Related Article: OpenSea Data Breach: Users' Email Addresses Have Been Leaked