FuzzLand: $100 to stop hackers from further attacking more than $6.50 million on Sonne

On May 15th, blockchain security firm FuzzLand intern @tonyke_bot posted on the X platform that team members used $100 to prevent more than $6.50 million of assets on Sonne Finance from being further attacked by hackers. Specifically, Compound-based Sonne has a common Compound V2 vulnerability that allows attackers to perform loss of precision attacks when there is an uninitialized new pool (soVELO). FuzzLand detected the attack immediately after the hacker's first attack and found that the attacker held a soVELO position, which made it impossible to exploit it without liquidating the loss of precision. FuzzLand then exchanged $100 for some VELO and added it to the soVELO pool. The vulnerability is no longer exploitable, thus protecting about $6.50 million of the remaining pool funds from being reused. Previously, according to dispatching shield monitoring, DeFi lending agreement SonneFinance was hacked, need to carefully check its time lock contract, the current loss of more than 20 million dollars.