SonneFinance DeFi Becomes Latest Hack Victim With $20Million Wiped Out
SonneFinance a decentralized financial service is currently suffering from an ongoing attack with an additional $17 million stolen and the total value loss is more than $20 million.
Initially, cybertecwiz detected an attack on SonneFinance with an initial loss of $3 million that had been stolen from their USDC and WETH contracts. SonneFinance received urgent alerts from multiple users, urging immediate action.
According to the source, the SonneFinance team is working on the situation. Furthermore, the firm has paused the markets on Optimism as a precautionary method for now and is in contact with some parties to stop the hacker from moving stolen funds. It’s important to note that they are a CompoundV2 fork with a patch for the zero supply vulnerability.
SonneFinance Community Confusion On Lack Of Response
Many active followers of SonneFinance have concluded that the company is losing a significant amount of money. The Medium post from the company appears to target a technical audience, raising concerns about inclusivity within the community. The language used seems to be a deliberate choice to obscure simple facts, such as “we didn’t hire a security partner” or similar matters.
It’s important to note that the company could have improved its security measures by partnering with two reputable security vendors, @HypernativeLabs and @hexagate, to enhance its security.
Unfortunately, the lack of response led to financial losses for the community, and accountability is necessary. Surprisingly, they didn’t update their graphical user interface to signal a breach.
Hacker Launders $9 Million of $246 Million From Parity Multisig Hack
A threat actor recently laundered $9 million from the loot they exfiltrated from Parity Multisig. In 2017, researchers uncovered a critical vulnerability in wallet version 1.5+ with far-reaching implications, marking a significant discovery.
Exploiting this flaw, a hacker managed to steal over 150,000 ETH, valued at approximately 30 million USD at the time. This incident marked a significant event in the history of cryptocurrency theft, highlighting the hacker’s remarkable patience and strategic approach.
On May 13, the same threat actor began laundering 3,050,000 ETH, equivalent to $9 million, through an exchange platform. To execute this process, the hacker utilized multiple consolidated Ethereum addresses.
