DeFi Collaborations
Decentralized Finance Investigator, BlockSec, said its security system has detected a theft to the tune of $80 million as it cited the cause as a classic vulnerability of reentrancy.
As a result of the theft, Fei Protocol, a decentralized finance firm, has put up an offer of $10 million in bounty to all crypto hackers in its effort to get back a bulk of the funds that were stolen from many Rari Fuse platforms to the tune of almost $80 million.
Over the weekend, there was a piece of information passed from Fei Protocol to its investors that there had been exploitative actions over many pools of the Rari Fuse investment platform while it also appealed to the involved to refund their loots with a promise of $10 million rewards and a further promise to ask no questions.
Although the specific figure of loss involved in the attack was not officially stated, BlockSec, an investigator in the decentralized finance sector which operates a monitoring system, said that detected up to $80 million to have been lost to the heist, while mentioning that the cause might have been a regular vulnerability associated with reentrancy.
Even as the major weak point in most heists carried out in the decentralized finance ecosystem has been linked with the vulnerability of their reentrancy, the recent $80 million theft puts the attack on Fei Protocol as one of the biggest hacks through reentrancy.
After conducting more investigations, Jack Longarzo, a developer with Rari said that there are up to six pools considered to be vulnerable and they have been paused temporarily while the firm carries out a fix of its system. Rari’s external and internal security developers have since started a partnership with Compound Treasury, a decentralized finance security service provider, so they can carry out more investigations on the hack and then neutralize it totally.
PeckShield, an investigator in the blockchain sector provided more insight into the recent development by narrowing down the entire heist to a bug affecting the reentrancy. He said that such a bug enables hackers to use certain functions that make calls to external and untrusted elements.
CertiK, a platform that focuses on ranking security levels on the blockchain, spoke with Cointelegraph and revealed that the hackers have sent to Tornado Cash, some5,400 ETH, about $15,298,900 at the time of putting this together, and they still have up to 22,672.97 ETH which is some $64,245,245.43, in their wallet. The heist cried funds off the Rari pool but Fei pool remains unaffected.
In the Past
On the 8th of May 2021, Rari Capital suffered a high-level attack involving some funds which was in connection with its integration move with the DAO of Alpha Venture, formerly called Alpha Finance. There is yet to be an official statement from Fei Protocol with regards to their investigation.
As the crypto sector continues to battle several hacking attacks at every turn, many protocols have invested in ramping up their security systems. The FBI has linked some attacks to the North Korean hacking syndicate, Lazurus.