Fei Protocol offered a $10 million reward to Rari Fuze hacker in exchange for $80 million in treasure

The monitoring system of DeFi investigator BlockSec identified a loss of more than $80 million, with the main cause being an usual reentrancy vulnerability.

In an attempt to negotiate and reclaim a significant portion of the stolen cash from several Rari Fuse pools valued $79,348,385.61 β€” nearly $80 million β€” decentralized banking platform Fei Protocol issued a $10 million bounty to hackers.

Exchange:Β Click here to check the best crypto exchanger

On Saturday, Fei Protocol notified its investors of an attack that affected many Rari Capital Fuse pools, proposing that the hackers return the stolen assets in exchange for a $10 million reward and a “no questions asked” guarantee.

While the specific damages from the attack were not disclosed, DeFi investigator BlockSec’s monitoring system reported a loss of more than $80 million, indicating an usual reentrancy weakness as the primary cause. While reentrancy flaws have been at the heart of numerous exploits in the DeFi ecosystem, the Fei Protocol’s $80 million bounty makes it one of the most lucrative reentrancy hacks ever.

Rari developer Jack Longarzo discovered six susceptible pools (8, 18, 27, 127, 144, 146, 156) that have been temporarily suspended while an internal patch is being implemented. Rari’s internal and external security engineers are working with DeFi service provider Compound Treasury to investigate and neutralize the attack at the time of writing.

PeckShield, a blockchain investigator, tracked down the attack to a reentrancy issue, which lets hackers to utilize a function to call another untrusted contract.

The attacker has contributed 5400 Ether (ETH), or $15,298,900 at the time of writing, to Tornado Cash and still has 22,672.97 ETH, or $64,245,245.43 in their wallet, according to security-focused rating site CertiK. The Rari pool has been emptied of cash, whereas the Fei Pools (Tribe, Curve) have remained untouched.

Rari Capital was the victim of a high-priced exploit due to the integration with Alpha Venture DAO, formerly Alpha Finance Lab, on May 8, 2021. The Fei Protocol team has yet to make a formal declaration about the findings of its inquiry as of this writing.

Related:Β Check out our latest giveaways

Several projects and protocols have opted to beef up their security mechanisms as the crypto community fights hackers in an ever-evolving struggle. Following the $600 million theft earlier this month, the Ronin Network and Sky Mavis announced plans to improve their smart contracts on Thursday.

The FBI blamed the assault on Lazurus, a North Korean-based and state-sponsored hacker gang, and issued a warning to other crypto and blockchain companies.

Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
0
Would love your thoughts, please comment.x
()
x