3 May 2022

Hackers drain over $80M from Rari Capital and Fei Protocol DeFi projects


Recently-merged Fei Protocol and Rari Capital DeFi projects have suffered a cyberattack that resulted in the loss of over $80 million.

Over the weekend, DeFi security firm BlockSec detected an exploit of multiple streams connected to the decentralized finance protocols which took advantage of what is known as a reentrancy vulnerability. A reentrancy attack occurs when a function makes an external call to another untrusted contract. Then the untrusted contract makes a recursive call back to the original function in an attempt to drain funds.
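The call ordering described above can be modeled in a few lines. This is an added illustration, not code from Rari Capital, Fei Protocol or BlockSec; the `Vault` class, account names and amounts are constructed for the example. It shows that updating the ledger before the external call (the checks-effects-interactions pattern) stops the recursive withdrawal.

```python
# Simplified Python model of a reentrancy bug and its fix (constructed example;
# not the Rari Capital / Fei Protocol contract code).

class Vault:
    """Holds deposits; withdraw() hands control to the recipient's callback."""

    def __init__(self, safe):
        self.safe = safe          # True: update state before the external call
        self.balances = {}        # per-account ledger
        self.pool = 0             # total funds actually held

    def deposit(self, account, amount):
        self.balances[account] = self.balances.get(account, 0) + amount
        self.pool += amount

    def withdraw(self, account, on_receive):
        amount = self.balances.get(account, 0)
        if amount == 0 or self.pool < amount:
            return
        if self.safe:
            # Checks-effects-interactions: zero the ledger entry first.
            self.balances[account] = 0
        self.pool -= amount
        on_receive(amount)        # external call to untrusted code
        if not self.safe:
            # Vulnerable ordering: ledger updated only after the call returns.
            self.balances[account] = 0


def simulate(safe):
    """Return (funds received by the untrusted caller, funds left in the pool)."""
    vault = Vault(safe)
    vault.deposit("other_users", 90)   # constructed sample balances
    vault.deposit("untrusted", 10)
    received = []

    def callback(amount):
        # Untrusted recipient calls back into withdraw() during the transfer.
        received.append(amount)
        vault.withdraw("untrusted", callback)

    vault.withdraw("untrusted", callback)
    return sum(received), vault.pool


if __name__ == "__main__":
    print("vulnerable ordering:", simulate(safe=False))
    print("state updated first:", simulate(safe=True))
```

With the vulnerable ordering, a 10-unit deposit is paid out repeatedly until the pool is empty; with the state update moved ahead of the call, the second entry into `withdraw()` sees a zero balance and returns.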

Fei Protocol and Rari Capital have confirmed the attack and offered the hacker a $10 million bounty if they return the remaining user funds.

On April 30, another decentralized finance protocol, Saddle Finance, revealed it had suffered a $10 million hack. The attacker took advantage of an incorrect MetaSwapUtils library used to calculate the swap, and initiated the exploit with 1 ETH withdrawn from Tornado Cash.

According to blockchain analysis company Chainalysis, in the first three months of 2022, hackers have stolen $1.3 billion from exchanges, platforms, and private entities, and almost 97% of all cryptocurrency stolen has been taken from DeFi protocols, up from 72% in 2021 and just 30% in 2020.
