Sonne Finance Hack Drains $20 Million in Crypto, BlockTower Capital Hit in Separate Incident – Negotiations Stalled


Sonne Finance, a decentralized lending protocol, has been forced to halt operations after a security breach resulted in the theft of $20 million in cryptocurrency. The attack, detected on May 14th, targeted Sonne’s USD Coin (USDC) and Wrapped Ether (WETH) contracts. Despite efforts to recover the funds, the hacker appears uninterested in negotiation and has already begun laundering the stolen assets.

Slow Response Costs Sonne Dearly

Web3 security firm Cyvers identified the attack in progress around 10:30 pm UTC on May 14th. However, by the time Sonne Finance became aware of the situation 25 minutes later, the hacker had already absconded with a significant sum. The stolen crypto included WETH, Velo (VELO), soVELO, and Wrapped USDC (USDC.e).

Related: Sonne Finance Hacked for $20 Million in DeFi Exploit

In response, Sonne Finance paused all markets on its Optimism platform and partnered with Cyvers for a thorough investigation. Recovering the stolen funds remains a top priority, with bug bounty negotiations being explored as a potential solution. In such agreements, hackers return a portion of the stolen crypto in exchange for a reward.

Hacker Unwilling to Cooperate

Unfortunately, negotiations seem unlikely to bear fruit. Blockchain investigator PeckShield reports that the hacker has already moved a substantial portion of the stolen funds ($7.8 million) to a new wallet address.

Further analysis revealed the conversion of a significant amount of the stolen Bitcoin (WBTC) into Ether (ETH) and Dai (DAI). This suggests the hacker’s intention to obfuscate the trail by laundering the stolen crypto through a privacy protocol like Tornado Cash.

The post-mortem analysis by Sonne Finance revealed a critical vulnerability. According to a community member (PoorBabyCorn), the attack exploited a known bug within Sonne’s Compound v2 forks. This revelation has sparked outrage within the community, with accusations directed at Sonne Finance for knowingly using a risky system.

BlockTower Capital Hit in Separate Incident

News of the Sonne Finance hack coincides with reports of a separate security breach at BlockTower Capital, a prominent crypto hedge fund. While details regarding the nature of the attack and the amount stolen remain undisclosed, it’s known that BlockTower has engaged forensic analysts to track the stolen funds. The firm has also informed its partners about the incident.

This string of events highlights the ongoing vulnerability of DeFi protocols and the immense challenge of securing vast sums of cryptocurrency. As investigations into both breaches continue, the crypto community awaits further developments.

About The Author