Share this article
DeFi Lender Rari Capital/Fei Loses $80M in Hack
Fei Protocol, which late last year merged with Rari, announced a $10 million bounty should the funds be returned.
Updated May 11, 2023, 5:35 p.m. Published Apr 30, 2022, 4:48 p.m.
Make us preferred on Google
Decentralized finance (DeFi) platforms Rari Capital and Fei Protocol suffered a more-than-$80 million hack early Saturday.
- The hacker exploited a reentrancy vulnerability in Rari's Fuse lending protocol, according to a tweet by smart contract analysis firm Block Sec.
Our monitoring system detected that multiple pools related to @RariCapital @feiprotocol were attacked, and lost more than 80M US dollars. The root cause is due to a typical reentrancy vulnerability. @defiprime
ā BlockSec (@BlockSecTeam) April 30, 2022
https://t.co/Cbtilpbuw9
STORY CONTINUES BELOW
Don't miss another story.Subscribe to the Crypto Daybook Americas Newsletter today. See all newsletters
- According to a tweet from Blockchain security firm PeckShield, the same vulnerability has been used to attack other forks of the Compund DeFi protocol.
- Rari Capital acknowledged the hack, saying borrowing has been paused globally and that no further funds were at risk.
- Fei Protocol, which merged with Rari in December, offered to let the attacker keep $10 million of the stolen funds as a "bounty" if the remaining funds were returned.
We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage.
ā Fei Protocol (@feiprotocol) April 30, 2022
To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.
- Rari Capital suffered from a different attack in May of last year, which saw a hacker run away with $10.6 million in user funds.
This story is developing and will be updated.
