Colin Wu, a Chinese crypto journalist and blogger, has shared the news about a hacker targeting DeFi platforms Rari Capital and Fei Protocol and draining them for a whopping $80 million in cryptocurrency.
Multiple pools associated with these platforms have been targeted, according to data given by BlockSec, Wu tweeted:
Breaking: BlockSec found that multiple pools related to @RariCapital @feiprotocol were attacked, and lost more than 80M US dollars. The root cause is due to a typical reentrancy vulnerability.
https://t.co/XZ9ihkCeW0 https://t.co/bEjGEijaps— Wu Blockchain (@WuBlockchain) April 30, 2022
Wu mentions a re-entry vulnerability that is often exploited as the reason. A re-entrance attack occurs when the execution of a smart contract is paused in the middle and then restarted from the beginning (re-entered).
The DAO breach in June 2016 was a well-known example of such an assault, in which over $60 million in Ethereum was stolen.
Fei Protocol also tweeted that they are aware of the issue affecting many Rari Fuse pools. They have halted all borrowing activities on them in order to avoid future theft of cash. The author of the tweet has given the hacker a reward of $10 million from the stolen cryptocurrency in exchange for returning the remaining funds to their customers.
We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage.
To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.
— Fei Protocol (@feiprotocol) April 30, 2022
