DeFi Lending Platforms Lose Over $80 Million In Latest Exploit

This year, DeFi exploits have become a regular trend, with roughly $1 billion already lost in just over a quarter. BlockSec, a blockchain analytics and security firm, has identified a new $80 million DeFi attack.

In a new attack, Rari Capital was targeted.

Rari Capital, a DeFi platform, has been hacked, according to a BlockSec report shared on Twitter. According to the tweet, the hackers made off with $80 million in digital assets.

Rari Capital's Fuse Platform, which provides developers with the framework to create custom lending systems, was the focus of the hack, according to BlockSec. Hackers exploited a weakness in the Fuse Platform's smart contract's reentrancy protocol, according to the firm.

Fei Protocol, the producer of a dollar-pegged stablecoin called Fei USD, was one of the pools attacked by the exploit. The exploit was initially confirmed by the Fei Protocol team. The team acknowledged that they had identified the cause of the theft and that lending on the platforms had been banned, offering a $10 million bounty to the hacker for the safe return of the stolen funds in a message now posted by Rari Capital.

“We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage. To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds,” Fei Protocol tweeted. 

Several DeFi Exploits Marked the Year

This year, DeFi vulnerabilities have risen to the fore, nearly matching the $1.3 billion lost to DeFi breaches in 2021 in just five months in 2022. The Rari protocol follows in the footsteps of the Ronin Network, Inverse Finance, and Beanstalk, which have all been hacked this year. Tornado Cash, an Ethereum mixing protocol, has played a crucial role in many of these hacks, letting hackers obscure their tracks.

The Ronin attack was the most costly in terms of digital assets lost, costing the network $625 million. Notably, US law enforcement has subsequently linked the attack to the Lazarus gang, which is supported by the North Korean government.

According to recent sources, Ronin makers Sky Mavis are presently working on improving security and compensating impacted members of the community. Binance also assisted in the recovery of a portion of the loot, which the hackers attempted to sell on the major exchange.