{"id":60837,"date":"2022-05-01T14:32:15","date_gmt":"2022-05-01T11:32:15","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=60837"},"modified":"2025-09-05T08:34:31","modified_gmt":"2025-09-05T05:34:31","slug":"rari-capital-loses-80-million-in-hack","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/rari-capital-loses-80-million-in-hack\/","title":{"rendered":"Rari Capital loses $80 million in hack"},"content":{"rendered":"<p>An unknown actor withdrew assets estimated at about $80 million from the Rari Capital decentralized-finance protocol, held in its Fuse lending pools.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Our monitoring system detected that multiple pools related to <a href=\"https:\/\/twitter.com\/RariCapital?ref_src=twsrc%5Etfw\">@RariCapital<\/a> <a href=\"https:\/\/twitter.com\/feiprotocol?ref_src=twsrc%5Etfw\">@feiprotocol<\/a> were attacked, and lost more than 80M US dollars. The root cause is due to a typical reentrancy vulnerability. <a href=\"https:\/\/twitter.com\/defiprime?ref_src=twsrc%5Etfw\">@defiprime<\/a><br \/> <a href=\"https:\/\/t.co\/Cbtilpbuw9\">https:\/\/t.co\/Cbtilpbuw9<\/a><\/p>\n<p>\u2014 BlockSec (@BlockSecTeam) <a href=\"https:\/\/twitter.com\/BlockSecTeam\/status\/1520350965274386433?ref_src=twsrc%5Etfw\">April 30, 2022<\/a><\/p>\n<\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>In a smart-contract auditing firm BlockSec attributed the breach to a &#8220;typical reentrancy vulnerability&#8221; in Fei Protocol&#8217;s code.<\/p>\n<p>The developers confirmed the information, paused borrowing of crypto assets, and offered the hacker a $10 million payout for the return of the stolen funds.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">We have identified an exploit on Fuse Arbitrum, and borrowing has been disabled as we continue to investigate. <\/p>\n<p>Updates will continue to be shared. <a href=\"https:\/\/t.co\/usL0afFfeT\">https:\/\/t.co\/usL0afFfeT<\/a><\/p>\n<p>\u2014 Rari Capital (@RariCapital) <a href=\"https:\/\/twitter.com\/RariCapital\/status\/1520651835081740290?ref_src=twsrc%5Etfw\">May 1, 2022<\/a><\/p>\n<\/blockquote>\n<p> <script async=\"\" src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Following the incident, the governance token RGT fell 20%, to $11.50.<\/p>\n<figure class=\"wp-block-image size-large\"><img loading=\"lazy\" decoding=\"async\" width=\"1024\" height=\"640\" src=\"https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-1024x640.png\" alt=\"DeFi-\u043f\u0440\u043e\u0435\u043a\u0442 Rari Capital \u043f\u043e\u0442\u0435\u0440\u044f\u043b $80 \u043c\u043b\u043d \u0432 \u0440\u0435\u0437\u0443\u043b\u044c\u0442\u0430\u0442\u0435 \u0432\u0437\u043b\u043e\u043c\u0430\" class=\"wp-image-171771\" srcset=\"https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-1024x640.png 1024w, https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-300x188.png 300w, https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-768x480.png 768w, https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-1536x960.png 1536w, https:\/\/forklog.com\/wp-content\/uploads\/Snimok-ekrana-2022-05-01-v-12.05.51-2048x1280.png 2048w\" sizes=\"auto, (max-width: 1024px) 100vw, 1024px\" \/><figcaption>Hourly chart of RGT\/USD on Coinbase. Data: TradingView.<\/figcaption><\/figure>\n<p>Earlier, in May 2021, Rari Capital <a href=\"https:\/\/forklog.com\/en\/news\/defi-project-rari-capital-lost-about-11-million-in-a-hack\">lost 2600 ETH<\/a> in a hack.<\/p>\n<p>Follow ForkLog&#8217;s Bitcoin news on our Telegram \u2014 cryptocurrency news, prices and analysis.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An unknown actor withdrew assets estimated at about $80 million from the Rari Capital decentralized-finance protocol, held in its Fuse lending pools.<\/p>\n","protected":false},"author":1,"featured_media":60838,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,1093],"class_list":["post-60837","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-defi"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/60837","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=60837"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/60837\/revisions"}],"predecessor-version":[{"id":60839,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/60837\/revisions\/60839"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/60838"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=60837"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=60837"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=60837"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}