Crypto hackers steal  $77 million in attack on DeFi projects

Crypto projects Rari Capital and Fei Protocol said they suffered a $77 million hack on Saturday, five months after their merger.

Crypto projects Rari Capital and Fei Protocol said they suffered a $77 million hack on Saturday, five months after their merger. An unverified Twitter account for Fei Protocol said it was aware of an exploit targeting various pools belonging to its merged partner Rari Capital. The tweet was verified by Fei founder Joey Santoro in a post to the decentralized-finance project’s Discord server. 

“We have identified the root cause and paused all borrowing to mitigate further damage,” the tweet said. Fei offered a $10 million bounty to the hacker if they returned the remaining user funds, “no questions asked.” Meanwhile, the hacker has already started moving crypto to Tornado Cash, a service that allows users to mask transactions, according to Lei Wu, chief technical officer of blockchain security firm BlockSec, and a review of activity on Etherscan.

Also read: Looking for a smartphone? To check mobile finder click here.

The exploit is the latest to target a DeFi network, which is designed to allow users to bypass traditional intermediaries to borrow and lend digital assets with the added feature of anonymity. In February, hackers made off with $320 million worth of crypto after an attack on Wormhole, a communication bridge between the Solana blockchain and other DeFi networks.

Fei Protocol is focused on building an algorithmic stablecoin, pegged to the value of the U.S. dollar, that can be more easily used by decentralized autonomous organizations, or DAOs. Rari Capital allows investors to lend, borrow and “farm” high yields via a permissionless interest-rate protocol called Fuse. 

The hacker drained funds from several Fuse pools by exploiting a so-called reentrancy vulnerability, Santoro said in a post on Fei’s Discord, and promised to publish a detailed post-mortem of the attack “after further analysis.” 

A reentrancy attack occurs when a protocol’s smart contract makes a call to an external smart contract, which is responded to by a return call from the external contract that seeks to exploit a vulnerability in the initial call’s code. One of the most well-known instances of this type of attack is the 2016 hack on The DAO, according to analysis by crypto developer Moralis, the fallout from which caused the Ethereum blockchain to split itself in two.

Any remaining unexploited funds on Rari “should be safe” from further attacks, he added, while Fei’s peg should remain stable as it is separate from Rari.  

For all the latest Technology News Click Here 

Read original article here

Denial of responsibility! TechAI is an automatic aggregator around the global media. All the content are available free on Internet. We have just arranged it in one platform for educational purpose only. In each content, the hyperlink to the primary source is specified. All trademarks belong to their rightful owners, all materials to their authors. If you are the owner of the content and do not want us to publish your materials on our website, please contact us by email – [email protected]. The content will be deleted within 24 hours.