December 9, 2023

An exploit called “typical reentrance vulnerability” enabled attackers to drain $80 million in crypto from decentralized finance (DeFi) platform Rari Capital’s liquidity pools.

Algorithmic stablecoin Fei the self-touted “Stablecoin for DeFei”also had contributed liquidity to Rari Capital’s exploited pools. Fei has a market cap of well over half a billion dollars, making it the 11th largest stablecoin.

Last year, Fei merged with Rari Capital. Rari enables the creation of so-called Fuse Pools permissionless lending pools that anyone with a wallet can access from anywhere to lend or borrow ERC-20 tokens. No minimum funds are required of users

Advertisements

Fei and Rari’s joint effort got off the ground with $2 billion in liquidity. Fei Protocol acknowledged the exploit on Twitter shortly before BlockSec’s report, saying, “We have identified the root cause and paused all borrowing.” Fei also promised a $10 million bounty to the attackers if they return the stolen funds.

This isn’t Rari Capital’s first major exploit. In May 2021, a hacker stole 2,600 ETH (worth around $11 million at the time) from Rari Capital users. When the companies merged, Fei Protocol assumed some of Rari’s liabilities stemming from that exploit

Tags:

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

You may have missed

Apache Struts fixes Critical Vulnerability – CVE-2023-50164

December 8, 2023

Meta enables Messenger with E2EE by Default

December 8, 2023 2

CISA KEV Update Part II – December 2023

December 7, 2023

Atlassian fixes critical RCE vulnerabilities in its products

December 6, 2023

Microsoft Echo’s on APT 28 exploiting CVE-2023-23397

December 5, 2023

Papercut Privilege Escalation Vulnerability Unearthed

December 5, 2023
%d