News View Non-AMP

DeFi Project Sonne Finance Shuts Down Markets After $20M Hack

Published by
Elena R

Yet again, the DeFi world has been hit with a string of horrifying hacks.

The latest target? Sonne Finance, a decentralized lending protocol operating on Optimism and Base, has fallen victim to a daring hacker, making off with a staggering $20 million. This exploit, reminiscent of vulnerabilities seen in Compound Finance forks, has sent shockwaves through the DeFi community.

Here’s what went down.

Understanding the Heist

Sonne Finance wasted no time in response to the breach, swiftly shutting down all markets on the Optimism platform to contain the damage. Yet, they ensured that funds on Base remained secure against the assault.

According to PeckShield, a blockchain security firm, the attacker targeted Sonne Finance by exploiting a well-known vulnerability found in Compound Finance forks. This flaw allowed the hacker to siphon approximately $20 million from Sonne Finance’s smart contracts within the Optimism network.

Exploiting Weaknesses

Sonne Finance, the derivative of Compound V2, was linked to certain weaknesses which were inherited from its codebase. Hundred Finance and Midas Capital were the victims of DeFi hacks last year and the same vulnerabilities have been used in the previous DeFi hacks. 

In these attacks, the malicious actors manipulate the exchange rates to increase the collateral values artificially so that they drain the pools of lending with few tokens.

The exploit that befell Sonne Finance was rooted in the implementation of a new market contract for VELO, coupled with a subsequent governance proposal to activate it. Seizing the opportune moment, the attacker executed the contract right on the heels of the completion of a 24-hour timelock, positioning themselves as the first to reap the spoils of the exploit.

Rising from the Ashes: Recovery Efforts Now in Place!

Post-exploit, Sonne Finance swiftly took decisive action, halting all Optimism markets to staunch the bleeding. Yet amidst the chaos, the Base market stood firm and resolute, untouched by the storm.

In their post-mortem of the incident, Sonne Finance put out a list of wallet addresses that belonged to the manipulator in an attempt to find the culprit. The team stressed their continuous efforts to retrieve the stolen funds, including offering a bug bounty, tapping into the support of the whole crypto community, and engaging with the relevant stakeholders.

There are many versions of Compound V2 already in circulation; hence, security protocols should be the priority, which includes regular audits and timely vulnerability patches.

We’ve got you. Here’s a look at DeFi security best practices: Learn DeFi and Take Control of Your Finances

Elena R

Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.

Recent Posts

Crypto Pro Who 500x’d on PEPE Says This Coin Is the Next Big Thing—And It’s Launching Now!

A seasoned crypto expert, renowned for turning a remarkable profit on PEPE, now points to…

April 20, 2025

Dogecoin (DOGE) and 2 More Altcoins You Can’t Afford to Miss in 2025

Dogecoin (DOGE) showed strong market growth by reaching $0.1569 while increase and 3.3% within 24…

April 20, 2025

SHIB Investors Turning Heads—Influencer Pepe to Lead New Meme Coin Revolution

Shiba Inu (SHIB) investors are stirring—after a wild ride, SHIB’s holding steady at $0.00001222 with…

April 20, 2025

The 5 Most Talked-About Cryptos of Q1 2025, Are You Holding Them?

Rexas Finance (RXS) has emerged as the leading topic in crypto circles in Q1 2025,…

April 20, 2025

Is Pi Network Breakout Imminent? New Roadmap Sparks 4% Surge Amidst Mixed Reactions

Pi Network price has surged over 4% in the past 24 hours following the launch…

April 20, 2025

Charles Schwab to Launch Spot Crypto Trading by 2026, Boosting Bitcoin and Ethereum Access

Charles Schwab’s new CEO, Rick Wurster, announced that the company is gaining significant momentum in…

April 20, 2025