A $10 Million 'Bounty' for an $80 Million DeFi Attack
Fei Protocol Offers 'No Questions Asked' Deal to Hacker
Decentralized finance platform Fei Protocol has offered a $10 million "no questions asked" bounty to hackers in an attempt to recover some of the funds stolen from its recently merged decentralized autonomous organization partner Rari Capital.
The funds, it says, were stolen from Rari Fuse, a customizable, open interest rate protocol that allows users to lend and borrow digital assets. While the company is "still investigating the Fuse exploit alongside security experts," it has disabled borrowing for now.
"Rari is aware of an exploit on various Fuse pools. Borrowing has been paused globally and no further funds are at risk."
— Jack Longarzo (@JackLongarzo) April 30, 2022
The Rari team, and the rest of the Tribe, are working to mitigate the loss and recover exploited funds, and will provide updates as soon as they are available.
Neither of the platforms provided details on the amount of funds stolen.
Blockchain security firm BlockSec, however, tells Information Security Media Group that about $80 million was stolen from the platform. Blockchain security firm CertiK also confirms this to ISMG, adding that the hacker is already moving funds to Tornado Cash, a privacy protocol that obfuscates the flow of funds.
Midas Capital, a fork of Rari Capital, has disclosed the technical details of how and why the attack happened. Rari Capital too has offered an explanation of the hack, including the flaw's origins and future steps, and more details have been disclosed on the Rari developer's tweet thread.
Fei Protocol, its founder Joey Santoro, and Rari Capital have not responded to ISMG's request for additional details and comment.
Many cybersecurity professionals, including BlockSec CTO Lei Wu, do not condone the DeFi platforms' move to offer the hackers who stole the funds a bounty.
Wu tells ISMG that members of the security community "do not encourage such a behavior because it seems to be an incentive for the attackers. Such an incentive may not be fair to the real white hats."
Wu also says the hackers exploited a reentrancy vulnerability to steal the funds. "This is a typical reentrancy vulnerability," he says.
CertiK co-founder Ronghui Gu tells ISMG that a reentrancy attack happens when a hacker is able to exploit a vulnerability in a smart contract to force it to continually mint and send tokens in a transaction to a malicious wallet.
In this case, "this essentially means the hacker was able to initiate a transaction by using ETH as collateral, and then reclaim the deposited ETH without paying back the borrowed funds. This is possible as there was a loophole in the smart contract code whereby the smart contract only updates its balance after sending out the funds. This then creates a window of opportunity for a hacker to call the smart contract again and reinitiate the transaction before its balance has been updated. By deploying this attack on multiple pools, the hacker was able to drain an enormous amount of funds from the protocol," Gu says.
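The window Gu describes, shown in a minimal Solidity lending pool written for this article as an added illustration (it is not Fuse's code): the vulnerable borrow function, which sends ETH before recording the debt, beside a hardened one that records the debt first and takes a reentrancy lock. The 50% loan-to-value limit and the function names are assumptions made for the example.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.17;
// Minimal ETH lending pool mirroring the flaw described above. Hypothetical
// teaching code, not Fuse's contracts: the 50% loan-to-value limit and the
// function names are assumptions made for this example.
abstract contract PoolBase {
    mapping(address => uint256) public collateral;
    mapping(address => uint256) public debt;
    bool private locked;
    // Mutex: while one locked function runs, no locked function can be entered.
    modifier nonReentrant() {
        require(!locked, "reentrant call");
        locked = true;
        _;
        locked = false;
    }
    function deposit() external payable { collateral[msg.sender] += msg.value; }
    function _send(address to, uint256 amount) internal {
        (bool ok, ) = to.call{value: amount}(""); // hands control to `to`
        require(ok, "transfer failed");
    }
    // Collateral may only leave once the recorded debt is zero.
    function withdrawCollateral() external nonReentrant {
        require(debt[msg.sender] == 0, "outstanding debt");
        uint256 amount = collateral[msg.sender];
        collateral[msg.sender] = 0;
        _send(msg.sender, amount);
    }
}

// Vulnerable: ETH is sent *before* the debt is recorded. A contract receiving
// it can call withdrawCollateral() from its receive() hook while its debt still
// reads zero (the lock is free: borrow never took it). That is the window above.
contract VulnerablePool is PoolBase {
    function borrow(uint256 amount) external {
        require(debt[msg.sender] == 0 && amount <= collateral[msg.sender] / 2);
        _send(msg.sender, amount);   // interaction first ...
        debt[msg.sender] = amount;   // ... effect last: too late
    }
}

// Hardened: checks-effects-interactions (debt written before the transfer), and
// the lock is held, so a re-entrant withdrawCollateral() reverts regardless.
contract HardenedPool is PoolBase {
    function borrow(uint256 amount) external nonReentrant {
        require(debt[msg.sender] == 0 && amount <= collateral[msg.sender] / 2);
        debt[msg.sender] = amount;   // effect before interaction
        _send(msg.sender, amount);
    }
}
```

In the hardened pool either defence alone closes the window; using both means a future refactor that reorders one function does not silently reopen it.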
There have been several reentrancy flaw attacks in the past, including many that have resulted in significant losses. This latest one, Wu says, may be the "biggest ever loss in terms of value."
The most famous reentrancy hack was the $60 million to $70 million DAO incident of 2016. Other hacks include, in 2021, a $600 million Grim Finance exploit, a $130 million hack in CREAM.Finance - which was breached three times that year - and a $7.2 million BurgerSwap hack. In 2020, the reentrancy hack of the Lendf.me project caused a loss of around $25 million.
Rari itself was the victim of an $11 million hack in May 2021.
"CertiK Stats: We recorded 31 major attacks this month, w/ a total loss of ~$376,736,790. @AkuDreams & @ElephantStatus combined loss was evaluated at ~$55M, enough to buy a house in Beverly Hills… @feiprotocol & @saddlefinance made the list just yesterday w/ nearly $90M lost"
— CertiK Alert (@CertiKAlert) May 2, 2022
Mitigation and Prevention
Before the deployment of a project's smart contract, a strict code audit is necessary to review the code logic, Wu says. He adds that "different security audit providers with different expertise are recommended."
After deployment, suspicious on-chain transactions must be monitored and investigated so that an emergency response can be mounted if necessary, he says. Pausing the vulnerable Rari/Fei pools would have prevented the subsequent attacks had there been timely notification when the first few attacks occurred, Wu adds.
Rari, in its post-attack blog post, shares that it has "ensured that all code in production is scrutinized and goes through an extensive auditing process."
"In response to the identified vulnerability, Rari will be taking a series of enhanced security measures. First, Rari Capital engineers are currently conducting extensive internal reviews of the Fuse codebase," the post says.
Wu also recommends a bug bounty program to ensure that the code is under constant scrutiny for vulnerabilities.
Rari Capital says it and Fei Protocol have already done this. They have merged their respective bug bounties into one joint Tribe DAO bug bounty, the blog post says.