Hacker Steals $80 Million From DeFi Lender ‘Rari Capital’ via Fei Protocol Exploit

May 03, 2022, 10:15 AM AEST - 2 weeks ago

DeFi platform Rari Capital has been hacked for more than US$80 million in assets held within its Fuse lending pools.

Rari Capital’s Fuse platform enables DeFi developers to create their own lending markets. Security firm BlockSec identified the exploit as having occurred because of a reentrancy vulnerability in the protocol’s smart contract.

Development team Fei Protocol, which runs a decentralised US dollar-pegged stablecoin called Fei USD, was the biggest loser in the hack. The team manages lending markets on Fuse, where users can deposit funds for an annual yield and also take out loans in FEI stablecoin.

$10 Million Bounty Offered, ‘No Questions Asked’

Fei Protocol has acknowledged the massive exploit and asked the hacker(s) to return the funds to claim a US$10 million bounty:

The Rari Capital exploit is the third significant reentrancy hack in six months. In December, the unfortunately named Grim Finance, a compounding yield optimiser on the Fantom blockchain, was drained of an estimated US$30 million in Fantom (FTM) tokens.

And early last month, DeFi protocol Ola Finance suffered a US$3.6 million hack, also blamed on a reentrancy bug. A fortnight earlier, DeFi lending protocols Agave and Hundred Finance were exploited for approximately US$11 million. DeFi continues to provide far too much fertile ground for hackers.

Disclaimer: The content and views expressed in the articles are those of the original authors own and are not necessarily the views of Crypto News. We do actively check all our content for accuracy to help protect our readers. This article content and links to external third-parties is included for information and entertainment purposes. It is not financial advice. Please do your own research before participating.