News View Non-AMP

DeFi Project Sonne Finance Shuts Down Markets After $20M Hack

Published by
Elena R

Yet again, the DeFi world has been hit with a string of horrifying hacks.

The latest target? Sonne Finance, a decentralized lending protocol operating on Optimism and Base, has fallen victim to a daring hacker, making off with a staggering $20 million. This exploit, reminiscent of vulnerabilities seen in Compound Finance forks, has sent shockwaves through the DeFi community.

Here’s what went down.

Understanding the Heist

Sonne Finance wasted no time in response to the breach, swiftly shutting down all markets on the Optimism platform to contain the damage. Yet, they ensured that funds on Base remained secure against the assault.

According to PeckShield, a blockchain security firm, the attacker targeted Sonne Finance by exploiting a well-known vulnerability found in Compound Finance forks. This flaw allowed the hacker to siphon approximately $20 million from Sonne Finance’s smart contracts within the Optimism network.

Exploiting Weaknesses

Sonne Finance, the derivative of Compound V2, was linked to certain weaknesses which were inherited from its codebase. Hundred Finance and Midas Capital were the victims of DeFi hacks last year and the same vulnerabilities have been used in the previous DeFi hacks. 

In these attacks, the malicious actors manipulate the exchange rates to increase the collateral values artificially so that they drain the pools of lending with few tokens.

The exploit that befell Sonne Finance was rooted in the implementation of a new market contract for VELO, coupled with a subsequent governance proposal to activate it. Seizing the opportune moment, the attacker executed the contract right on the heels of the completion of a 24-hour timelock, positioning themselves as the first to reap the spoils of the exploit.

Rising from the Ashes: Recovery Efforts Now in Place!

Post-exploit, Sonne Finance swiftly took decisive action, halting all Optimism markets to staunch the bleeding. Yet amidst the chaos, the Base market stood firm and resolute, untouched by the storm.

In their post-mortem of the incident, Sonne Finance put out a list of wallet addresses that belonged to the manipulator in an attempt to find the culprit. The team stressed their continuous efforts to retrieve the stolen funds, including offering a bug bounty, tapping into the support of the whole crypto community, and engaging with the relevant stakeholders.

There are many versions of Compound V2 already in circulation; hence, security protocols should be the priority, which includes regular audits and timely vulnerability patches.

We’ve got you. Here’s a look at DeFi security best practices: Learn DeFi and Take Control of Your Finances

Elena R

Elena is an expert in technical analysis and risk management in cryptocurrency market. She has 10+year experience in writing - accordingly she is avid journalists with a passion towards researching new insights coming into crypto erena.

Recent Posts

Hong Kong’s VMS Group Eyes $10M Crypto Investment

VMS Group, a multi-family office managing nearly $4 billion in assets, is preparing to invest…

June 24, 2025

AE Coin Adoption Grows in UAE: From Airline Bookings to Taxi Rides

UAE taxi riders can now pay using AE Coin, a Dirham-backed stablecoin. This marks a…

June 24, 2025

Fact Check: Are Abu Dhabi Taxis Accepting Crypto Payments with AE Coin?

Abu Dhabi has just made history and has taken a major step forward in digital…

June 24, 2025

XRP Price Prediction Today: 24th June

XRP climbed 14% over the past 24 hours to reclaim the $2 mark. The rally…

June 24, 2025

Massive Altcoin Breakout: 20%+ Daily Gains—Is This the Beginning of an AltSeason?

In the first few days of May 2025, when the Bitcoin price broke above the…

June 24, 2025

WazirX News: Singapore Court Approves New Hearing on User Repayment

The Singapore High Court has granted Indian cryptocurrency platform WazirX the opportunity to present further…

June 24, 2025