On Saturday, BlockSec tweeted that its monitoring system detected an exploit of multiple streams connected to the decentralized finance protocols which took advantage of a reentrancy vulnerability.
Fei Protocol shortly thereafter confirmed the attack, quickly pausing all borrowing functions to mitigate further damage. The protocol also offered a $10 million bounty to the hacker if he chooses to return the stolen funds.
What is Fei Protocol?
While this model eliminates the risks of death spiral or seigniorage, anything that affects the PCV assets could influence the peg. Following Saturday’s announcement, the peg dropped 0.4 percent, and is currently at $0.9982 on CoinGecko.
Rari Capital, on the other hand, is a permissionless lending protocol, which allows users to create Fuse pools where they can supply and borrow ERC-20 tokens. Last year, Fei Protocol and Rari Capital merged after a heavily supported proposal by both communities. The purpose behind the merge was to further bootstrap liquidity for the Fuse pools, with FEI providing the necessary initial liquidity.
BlockSec further shared a snapshot of the attack showing that the hacker stole crypto assets in Wrapped ETH. As it stands, it’s very likely the hacker will not be taking Fei Protcol up on its offer, given the funds have started to be laundered through Tornado Cash.
With this attack, the amount of money lost to crypto exploits this year continues to grow and might overtake that of 2021. Over $1 billion was stolen in Q1 of this year, including the record-breaking $600+ million from Axie Infinity. This attack comes a month after Axie Infinity announced it has been hacked, and in the same week where several DeFi protocols, including Deus DAO and Saddle Finance, have also lost millions to exploits.
What do you think about this subject? Write to us and tell us!