Hackers steal more than US$10 Million from Rari Capital ETF Fund

Article Rating
The decentralized finance protocol ( DeFi ) Rari Capital suffered a hacker attack on Saturday, said project leader David Lucid in a publication on Medium. The loss was 2,600 Ethereum.

At the current price, the value represents US$10.6 million, according to the Ethereum Price Index (IPE).

Rari Capital posted a tweet to announce the attack, promising to investigate the incident. “There was an invasion of the Rari Capital ETF Fund, related to our integration with @AlphaFinanceLab. The rebalancing withdrew all Alpha funds in response. We are currently investigating the situation, and a full report will be shared as soon as everything is assessed. ”

The hacker left a base64-encoded message that said: “rari = REKT. alpha = ok # saved rari 6m. ”

According to Lucid, the attack was directed at an Ethereum liquidity pool that has recently been integrated into Alpha Finance Labs’ ibETH token, which is an RFi partner DeFi protocol. It was somewhat similar to the case with the Spartan Protocol.

In short, this hacker’s invasion allowed the attacker to manipulate values ​​and artificially push them up. By repeating the maneuver several times, he was able to withdraw more than US$10 million, equivalent to 60% of the funds of all users who participated in the pool.

READ more:  Bitcoin Price once more all-time high surpassing $29,000

“To avoid problems like this in the future, we will rely on the protocols we affiliate with to review our integrations as a form of security. This is by far the most important measure ”, wrote the project representative.

According to the company, the exploited code had been audited by Quantstamp (a company that conducts audits on smart contracts), which was also unable to identify the flaw. 

Attack procedures

Accordint o Rekt News, the attacker’s actions on BSC were as follows:

1: Create a fake token and pool it with BNB on PancakeSwap in order to use Alpaca Finance.

2: Interact with Alpaca Finance, where when calling approve() for a fake token, a payload is called, which allows an attacker to use VSafe through Codex farm to get vSafeWBNB

3: Convert vSafeWBNB to WBNB

4: Transfer WBNB to Ethereum through Anyswap.

Repeat 2x.

Then, the attack on Rari went as follows:

1: Create a fake token and pool with it on SushiSwap

2: Interact with Alpha Homora, where a payload is also called so that the attacker can get ibETH in the Rari ETH pool contract.

3: Convert ibETH to ETH in the Rari ETH pool.

As a result, 2.9k ETH ($11.1M) was stolen, and another 1.7k ETH was at risk before the actions of the Rari team.

The total profit from the two attacks was $15M in ETH.

credit: frankresearcher

Rari Capital REKT

The Rari Capital governance token $RGT fell sharply in price following the attack.

READ more:  Billionaire Carl Icahn thinking of a potential investment of $1.5B in Crypto
rari decode Hackers steal more than US$10 Million from Rari Capital ETF Fund

The attacker decided to voice their opinion on the involved protocols, but it seems they had second thoughts, as they tried to cancel the transaction. However, they set the gas too low and the cancellation didn’t go through for 20 minutes, giving everyone time to see their message.

Credit: banteg & dudesahn

Unprecedented attack

According to research analyst Igor Igamberdiev of The Block, this was the first time that there was cross-chain exploitation in DeFi. He said that the hackers at Rari Capital are the same ones who attacked the Value DeFi project on Twitter.

Last Thursday (6), Value DeFi was invaded and had a loss of US $ 10 million. Three days later, on Saturday, came another attack that took another $ 11 million from the project that operates on the Binance Smart Chain. 

In another exploration in November last year, the same protocol had already lost US$7 million. Altogether, Value DeFi has already suffered three attacks in six months.

Money back

In the case of Rari Capital, the developers agreed to reimburse investors with 2 million Rari Governance Token (RGT) – the project’s native token – which would be used initially to improve the team.

After the exploration was released, the RGT fell 45% in one hour, according to CoinGecko.

On Monday (10), the price of the cryptocurrency has recovered and is worth about $ 12.80, which ensures that all users affected to get their money back. 

Article Rating

Follow us on Facebook, Twitter, Instagram, and Telegram, and don’t miss any crypto news.


The information expressed in this article is solely those of the author and do not necessarily reflect the vies of CryptoDeFinance.  Each and every investment and trading move involves high risk. You should always conduct your own research when making a decision in crypto investment.
Share on facebook
Share on twitter
Share on linkedin
Share on reddit
Share on tumblr
Share on telegram
Share on whatsapp

Bruno Marques

Hi! I am the CEO/Founder of Crypto DeFinance, and I am an Enthusiast crypto investor. I started this project so we can provide you with carefully curated news. If you like us and our news, share the posts and comment. Your visit and interaction is very important to us.
Notify of
0 Comentários
Inline Feedbacks
View all comments


Bitcoin (BTC) $ 63,348.00
Ethereum (ETH) $ 4,114.80
Cardano (ADA) $ 2.17
Binance Coin (BNB) $ 476.96
Dogecoin (DOGE) $ 0.246180
Polygon (MATIC) $ 1.51
PancakeSwap (CAKE) $ 20.02
Would love your thoughts, please comment.x
Don't Miss The Latest Crypto News! Subscribe Now