Threat actors exploited a bug in the Fuse protocol used by DeFi platforms Rari Capital and Fei Protocol and stole more than $80 million.
Threat actors stole more than $80 million from the decentralized finance (DeFi) platforms Rari Capital and Fei Protocol on Saturday. Researchers from smart contract analysis firm Block Sec reported that attackers exploited a reentrancy bug in Rari’s Fuse lending protocol.
Rari Capital paused borrowing globally in response to the hack and ensured that all other funds are secure.
According to CoinDesk, Fei Protocol, which merged last December with Rari, offered to crooks behind the hack a $10 million “bounty” if they will return the stolen funds. The Fei Protocol development team runs a decentralized stablecoin called Fei USD
Researchers from Blockchain security firm PeckShield confirmed that the same reentrancy vulnerability exploited in the cyber heist was also used to target forks of the Compund DeFi protocol.
The attacks against the DeFi protocol are increasing, PeckShield researchers reported that as of May 1, 2022, the exploits have netted $1.57 billion from DeFi.