Sonne Finance Loses $20M to “Known Donation Attack”

Sonne Finance responds to a multimillion-dollar attack on its Compound v2 forks.

by . Fact checked by: Ciaran Lawler, Editor: Stefan Trapp
Published:
Bats are flying out of a broken piggy bank. guy with a baseball bat watching.
Created by Kornelija Poderskytė from DailyCoin
Google News Follow Button
  • Sonne Finance has been exploited.
  • Assets worth millions of dollars were stolen following the attack.
  • The protocol has initiated the recovery process.

Sonne Finance has lost millions of dollars to a “known donation attack” on its Compound v2 forks on Arbitrum, the protocol announced on Wednesday.

Launched in September 2022, Sonne Finance brands itself as a decentralized, non-custodial liquidity market protocol on Optimism Mainnet and Base. The protocol allows users to deposit their assets as collateral for borrowing various assets against them, including WBTC, WETH, USDT, USDC, and DAI.

Sonne Finance Suffers an Attack

On May 15, blockchain security firm Cyvers alerted the X (Twitter) crypto community to an attack on Sonne Finance, estimating that $3 million had been stolen from the protocol’s USDC and WETH contracts.

Sponsored

Without directly addressing the issue, the Sonne Finance team informed its users two hours later that “all markets on Optimism have been paused,” urging them to stay tuned for more updates.

Hours after its first update, Sonne Finance issued a detailed post-mortem of the incident, noting that the attacker had exploited four of the multiple transactions scheduled by the protocol on May 12 as part of its plan to integrate VELO markets.

“After the execution of the markets without us noticing, the attacker was able to exploit the protocol for ~$20M with the known donation attack,” the Sonne Finance team wrote.

Noting that it became aware of the incident 25 minutes later, Sonne Finance said it had assembled a “war room” to investigate the exploiter’s identity to recover the stolen funds.

Sponsored

“We are ready to give bounty to exploiter as well as not to commit pursuing the issue further, in case of returning the funds.” The protocol said.

Per the post-mortem report, besides doing everything in its “power,” Sonne Finance is in “contact with anyone that can help with recovering the funds.”

Stay updated on North Korea’s malware targeting crypto exchanges:
How North Korea’s Durian Malware Targets Crypto Exchanges

Read how Parity Wallet hacker began laundering stolen loot after seven years of inactivity:
Parity Wallet Hacker Launders $9M After Seven Years Hiatus

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Tags
Author
Brian Danga
Brian Danga

Brian Danga, a Kenyan crypto reporter, is dedicated to delivering breaking news and updates from the cryptocurrency world. With a background as a Web3 writer and project manager, he recognizes the importance of unbiased reporting. Holding an LLB degree from the University of Nairobi, Brian's analytical skills contribute to his accurate news reporting. His personal interests include cooking, watching documentaries, reading, and engaging in intellectual discussions.