Finance team pays tribute to hacker who returned stolen money

The Crema Finance team again paid tribute to their hacker, who returned $0.44 million of the stolen money by awarding him a white hat bounty.

The hacker who exploited the Solana-based liquidity protocol Crema Finance on July 2 returned most of the funds, but was allowed to keep $1.6 million as a white hat bounty.

The bounty, 45,455 Solana (SOL), is worth a generous 16.7% of the $9.6 million that Crema lost initially, which forced the protocol to suspend services.

Crema's team began an investigation to identify the hacker by tracking their Discord handle and tracing the original gas source for the hacker's address. The team was on track to uncovering the secret identity of the hacker, but it announced that it had been negotiating with them. On July 6, they returned 6,064 Ether (ETH) and 23,967 SOL worth about $8 million.

The hacker returned the funds in a series of transactions on Ethereum and Solana blockchains. The first transaction on each blockchain was a test with a small amount of coins, while the following one was worth most of the funds sent.

With the funds of Crema now secure, users of the platform and the team have a reason to relax. However, there is still work to do. Before the deal was concluded, the team announced that it had submitted new code for analysis in order to prevent a repeat of this exploit.

The Crema team has released a statement on what happened in the attack, which was published on Twitter's thread. The attacker took out a flash loan from the Solend DeFi lending protocol, which was added as liquidity to one of Crema's pools.

The hacker created false pricing data to make it seem as though they deserved a bigger reward than they actually did. Using that information, they were able to take "a hefty sum" worth about $9.6 million from the pool and apply it as a flash loan in their favor.

After the audit is finished, the team will resume operations of the Crema protocol. They have also promised to reveal a compensation plan for affected users by July 8.

The white hat bounty of $1 million, offered by the Harmony token bridge after a hacker stole $100 million in crypto from it last month, was rejected by the hacker. The loss of funds could have been much worse for Crema, considering that the Horizon Bridge on Harmony was affected by a calamity.