News View Non-AMP

DeFi Project Sonne Finance Shuts Down Markets After $20M Hack

Published by
Elena R

Yet again, the DeFi world has been hit with a string of horrifying hacks.

The latest target? Sonne Finance, a decentralized lending protocol operating on Optimism and Base, has fallen victim to a daring hacker, making off with a staggering $20 million. This exploit, reminiscent of vulnerabilities seen in Compound Finance forks, has sent shockwaves through the DeFi community.

Here’s what went down.

Understanding the Heist

Sonne Finance wasted no time in response to the breach, swiftly shutting down all markets on the Optimism platform to contain the damage. Yet, they ensured that funds on Base remained secure against the assault.

According to PeckShield, a blockchain security firm, the attacker targeted Sonne Finance by exploiting a well-known vulnerability found in Compound Finance forks. This flaw allowed the hacker to siphon approximately $20 million from Sonne Finance’s smart contracts within the Optimism network.

Exploiting Weaknesses

Sonne Finance, the derivative of Compound V2, was linked to certain weaknesses which were inherited from its codebase. Hundred Finance and Midas Capital were the victims of DeFi hacks last year and the same vulnerabilities have been used in the previous DeFi hacks. 

In these attacks, the malicious actors manipulate the exchange rates to increase the collateral values artificially so that they drain the pools of lending with few tokens.

The exploit that befell Sonne Finance was rooted in the implementation of a new market contract for VELO, coupled with a subsequent governance proposal to activate it. Seizing the opportune moment, the attacker executed the contract right on the heels of the completion of a 24-hour timelock, positioning themselves as the first to reap the spoils of the exploit.

Rising from the Ashes: Recovery Efforts Now in Place!

Post-exploit, Sonne Finance swiftly took decisive action, halting all Optimism markets to staunch the bleeding. Yet amidst the chaos, the Base market stood firm and resolute, untouched by the storm.

In their post-mortem of the incident, Sonne Finance put out a list of wallet addresses that belonged to the manipulator in an attempt to find the culprit. The team stressed their continuous efforts to retrieve the stolen funds, including offering a bug bounty, tapping into the support of the whole crypto community, and engaging with the relevant stakeholders.

There are many versions of Compound V2 already in circulation; hence, security protocols should be the priority, which includes regular audits and timely vulnerability patches.

We’ve got you. Here’s a look at DeFi security best practices: Learn DeFi and Take Control of Your Finances

Elena R

Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.

Recent Posts

This Hot New Altcoin In DeFi Is Turning Heads

As the month of May draws to a close, investors are searching for the best…

June 1, 2025

Best Crypto Coins to Watch This Week and Buy

This week’s crypto spotlight shines brightly on a select group of coins capturing investor interest…

June 1, 2025

Missed Bitcoin at $1? Bitcoin Solaris at $5 Is the Closest You’ll Get to a Real Second Shot

Most investors who passed on Bitcoin early didn’t lack belief — they lacked access, context,…

June 1, 2025

MOONPIG Price Crashes 65% & Kaspa Holds as Punisher Coin See Whale Action: Is this the Next 1000x Pump?

Is meme coin season peaking, or just getting smarter? Right now, Kaspa (KAS) market sentiment…

June 1, 2025

Pi Network 2025 Year-End Price Prediction

The Pi Network price charts are showing signs of brewing tension, with the price moving…

June 1, 2025

XRP Price News: Key Levels to Watch This Week

The cryptocurrency market continues to keep traders on edge, and XRP is no exception. Let’s…

June 1, 2025