Hackers steal $90 million from DeFi platforms Rari Capital and Saddle Finance

Two decentralized finance platforms were attacked this weekend by hackers who ended up stealing a total of $90 million.

Rari Capital confirmed reports from several blockchain security companies on April 30 that about $80 million worth of cryptocurrency was stolen through their platform. 

Rari Capital’s Jack Longarzo said the company was attacked through an exploit, and Fei Protocol, a company that merged with Rari Capital, offered the hacker a $10 million bounty. CoinGecko data shows Fei is the 11th largest stablecoin based on market cap.

Blockchain security company BlockSec explained that the hackers used a reentrancy vulnerability. Reentrancy attacks exploit bugs in contracts that allow an attacker to withdraw funds repeatedly in a loop before the original transaction is approved or declined, or before the funds need to be returned.

Over the last year, several DeFi platforms have been hit with reentrancy attacks, including Revest Finance, Ola Finance, and Cream Finance.
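To make the withdrawal loop concrete, here is a toy Python model of a pool that pays out before recording the withdrawal, next to the same pool with the order corrected. It is an added illustration, not code from Rari Capital, Fuse or BlockSec, and not a reconstruction of this incident; the `Pool` class, account names and amounts are constructed, and `on_receive` stands in for the code a receiving contract runs when it is paid.

```python
class Pool:
    """Constructed toy pool; balances and reserves are plain integers."""

    def __init__(self, update_before_send):
        self.update_before_send = update_before_send
        self.balances = {}
        self.reserves = 0

    def deposit(self, who, amount):
        self.balances[who] = self.balances.get(who, 0) + amount
        self.reserves += amount

    def withdraw(self, who, on_receive):
        amount = self.balances.get(who, 0)
        if amount == 0 or amount > self.reserves:
            return
        if self.update_before_send:
            self.balances[who] = 0      # record the withdrawal first
        self.reserves -= amount
        on_receive(amount)              # control passes to the receiver here
        if not self.update_before_send:
            self.balances[who] = 0      # flawed order: recorded only after the send

    def solvent(self):
        # Invariant worth monitoring: reserves cover every recorded balance.
        return self.reserves >= sum(self.balances.values())


def simulate(update_before_send):
    pool = Pool(update_before_send)
    pool.deposit("other_users", 90)     # constructed sample amounts
    pool.deposit("caller", 10)
    paid_out = []

    def on_receive(amount):
        paid_out.append(amount)
        pool.withdraw("caller", on_receive)   # receiver calls back in

    pool.withdraw("caller", on_receive)
    return sum(paid_out), pool.reserves, pool.solvent()


if __name__ == "__main__":
    print("flawed order:", simulate(False))   # (100, 0, False)
    print("fixed order: ", simulate(True))    # (10, 90, True)
```

With the flawed order, a 10-unit deposit drains all 100 units and the solvency invariant fails; zeroing the balance before the external call limits the payout to the 10 units actually owed.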

Longarzo said the attack was conducted through Rari Capital’s DeFi lending market creator for developers called Fuse. Fixes for the vulnerability are being worked on, according to Longarzo, but the company did not respond to requests for comment about how users will be compensated for their losses.

Rari Capital previously lost $15 million in cryptocurrency during a price manipulation attack in May 2021. 

On April 30, another platform – Saddle Finance – reported that about $10.3 million was stolen from their platform.

They attempted to contact the hacker to offer a bounty but noted that BlockSec managed to get $3.8 million worth of stolen funds back to Saddle Finance. 

The company said it would pay BlockSec about $380,000 for returning some of the stolen funds. 

They are in the process of deciding how to reimburse users who lost funds in the attack and wrote that they plan to put the decision up for a vote.

Saddle Finance allows users to sell and trade stablecoins – cryptocurrencies pegged to fiat money. 

Blockchain security firm PeckShield said 3,633 ETH stolen during the attack are still in the attacker's account but 300 ETH – about $850,000 – has already been deposited into cryptocurrency mixing service Tornado.

Jonathan Greig is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.