According to a report from the blockchain company Blocsec, Rari Capital’s Fuse platform has lost roughly $80 million from a “reentrancy vulnerability.” On Saturday, Fei Protocol’s official Twitter account confirmed it lost funds from the Rari Fuse platform exploit.
$80 Million Swiped from Rari Capital
- Another decentralized finance (defi) protocol attacker has managed to siphon millions of dollars worth of crypto from a defi project. On Saturday, the blockchain and smart contract audit firm Blocsec revealed Rari Capital’s Fuse platform suffered a loss of $80 million.
- “Our monitoring system detected that multiple pools related to [Rari Capital] and [Fei Protocol] were attacked, and lost more than 80M US dollars,” Blocsec tweeted. “The root cause is due to a typical reentrancy vulnerability.” Blocsec also shared a picture of the exploit and said: “One picture worth a thousand words.”
- This is not the first time Rari Capital has been attacked. The project revealed on May 8, 2021, that $11 million worth of ethereum was stolen. “These funds were extracted from Rari Capital’s Ethereum Pool before the attacker was stopped when the contracts were paused,” Rari said at the time. “This loss equates to 60% of all users’ funds in the Rari Capital Ethereum Pool.”
- The attack on Saturday was also confirmed by Fei Protocol’s official Twitter account. Fei Protocol also offered the attacker a bounty to return the stolen funds.
- “We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage,” Fei Protocol tweeted on April 30. “To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.”
- Of course, the defi project received a number of jabs and criticisms from the crypto community. A recently published report indicates out of the $1.3 billion in stolen cryptocurrencies during the first quarter of 2022, 97% of the stolen funds stemmed from defi exploits.