Not one or two but three DeFi platforms- Rari Capital, Fei Protocol, and Saddle Finance, came under a massive onslaught that resulted in draining roughly $90 million worth of crypto assets. Data provided by Whitehat hackers BlockSec. showed that multiple pools related to these platforms have been targeted.
Out of the three, Rari Capital, Fei Protocol suffered a combined loss of more than $80 million due to a typical reentrancy vulnerability, BlockSec shared via tweet.
According to experts, a re-entrance attack occurs when an execution of a smart contract gets interrupted in the middle and then initiated from the start once again, hence the term re-entered.
A good example of such attack was the DAO hack in June 2016, where over $60 million in Ethereum was stolen.
That said, Fei Protocol also confirmed the attack by saying that they are aware of the exploit on multiple Rari Fuse pools. For the time being, they have suspended all borrowing operations to prevent further exploitation of funds.
The author of the tweet has offered the hacker to keep $10 million from the stolen crypto as a bounty and return the rest of the funds that belong to their users.
If that wasn’t enough, the crypto community was woken up by another DeFi attack.
DeFi trio hacks- the latest update
Blockchain security firm Peckshield brought to light that automated market maker Saddle Finance was exploited in a flash loan attack, resulting in the protocol loss of about $10 million.
The hack was made possible due to the wrong MetaSwapUtils lib which was used for calculating the swap, it tweeted.
It also highlighted that the stolen funds from the 2017 @ParityTech Wallet Multisig hack were on the move as well.
Saddle responded by stating that the team is investigating the exploit and is pausing pool metapools withdrawals before adding that $3.8 million has been recovered.
Single-asset withdrawals are currently restricted, but balanced pool withdrawals are always possible. White hat hackers BlockSec Team were able to secure $3.8m. The team is in contact with them to return the funds.
The $90 million exploits on the trio platforms come exactly one month after the record-breaking $615 million Axie Infinity Hack carried out by the North Korean state-sponsored Lazarus group.
Credit: Source link
Bitcoin 
Ethereum 
Tether 
USD Coin 
BNB 
XRP 
Binance USD 
Cardano 
Solana 
Polkadot 
Dogecoin 
Wrapped Bitcoin 
TRON 
Lido Staked Ether 
Avalanche 
Dai 
Shiba Inu 
LEO Token 
Litecoin 
Cronos 
Polygon 
FTX Token 
NEAR Protocol 
Monero 
Bitcoin Cash 
OKB 
Stellar 
Chainlink 
Ethereum Classic 
Cosmos Hub 
Flow 
Algorand 
Uniswap 
VeChain 
ApeCoin 
Hedera 
Theta Fuel 
Elrond 
Chain 
Tezos 
Internet Computer 
The Sandbox 
Filecoin 
Axie Infinity 
KuCoin Token 
Decentraland 
Frax 
cETH 
Aave 
DeFiChain 
EOS 
TrueUSD 
Klaytn 
Theta Network 
Huobi BTC 
cUSDC 
Maker 
Zcash 
Huobi Token 
TerraClassicUSD 
Terra Luna Classic 
BitTorrent 
The Graph 
Bitcoin SV 
Pax Dollar 
Fantom 
eCash 
IOTA 
Radix 
Quant 
THORChain 
PancakeSwap 
Neutrino USD 
GateToken 
cDAI 
NEO 
Everdome 
Helium 
STEPN 
BitDAO 
Zilliqa 
NEXO 
Loopring 
Kusama 
Arweave 
Dash 
Celo 
PAX Gold 
Convex Finance 
Chiliz 
Amp 
Enjin Coin 
cUSDT 
Green Satoshi Token_BSC 
Stacks 
USDD 
Gala 
Osmosis 
Basic Attention Token 
Fei USD 