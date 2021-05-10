

Ethereum (ETH)-based yield aggregator Rari Capital was attacked this weekend by a group of bad actors. As a result, 2,600 ETH were stolen from the Rari Capital Ethereum Pool, as confirmed by a post-mortem report published by major contributors.

The attack occurred around 1:48 PM GMT on May 8, in a series of transactions lasting nearly an hour. As part of its strategy, Rari Capital's product deposits ETH in Alpha Homora's ibETH interest-bearing token.

The protocol's pool contract uses `ibETH.totalETH() / ibETH.totalSupply()` to calculate the exchange rate for the ibETH / ETH pair. A separate report from Alpha Finance Labs states that this calculation may “lead to incorrect assumptions.” The Rari Capital report stated the following:

According to Alpha Finance, `ibETH.totalETH()` can be manipulated within the `ibETH.work` function, and a user of `ibETH.work` can call any contract they want within `ibETH.work`, including the Rari Capital Ethereum Pool deposit and withdrawal functions.

On Ethereum, the attack started when the bad actors took a flash loan of around 59,000 ETH from the dYdX protocol. The funds went into Rari's Ethereum-based pool at the correct conversion rate for the aforementioned trading pair.

The attackers then used the `work` function, which allowed them to unleash their offensive by scrambling a “malicious” fToken contract. This allowed the hackers to artificially inflate the ibETH / ETH rate.

At 2:29 PM UTC, the possible root of the exploit was discovered. At 2:34 PM UTC, the actions on Alpha Homora stopped. Losses accounted for around 60% of all user funds in this Ethereum-based pool. However, according to the Alpha Finance report, only Rari's funds were lost. Rari Capital said:

At the end of `ibETH.work`, the value of `ibETH.totalETH()` returns to its actual value, leaving Rari Capital's Ethereum reserve balances lower than before the attack, as a result of the attacker withdrawing from what they deposited while their balance is artificially inflated.
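The accounting effect described in the two Rari Capital statements above can be reproduced with a small model. This is an added example, not code from Rari Capital or Alpha Homora: the class names, the `skew` field, the `max_drift` guard and all numbers are constructed assumptions.

```python
# Simplified accounting model of the pricing flaw (constructed numbers; not Rari
# Capital or Alpha Homora code). Assumption: ratio-preserving mints and burns
# leave the ibETH rate unchanged, so the vault totals are not updated here.
class IbEth:
    def __init__(self, total_eth, total_supply):
        self.total_eth, self.total_supply, self.skew = total_eth, total_supply, 0.0

    def rate(self):          # reported ETH per ibETH: totalETH() / totalSupply()
        return (self.total_eth + self.skew) / self.total_supply

    def settled_rate(self):  # value once the temporary distortion is gone
        return self.total_eth / self.total_supply

class Pool:
    def __init__(self, ib, ib_held, shares, max_drift=None):
        self.ib, self.ib_held, self.shares = ib, ib_held, shares
        self.max_drift, self.checkpoint = max_drift, ib.rate()

    def _price(self):
        r = self.ib.rate()
        # Hypothetical guard: refuse to price off a rate far from the checkpoint.
        if self.max_drift is not None and abs(r / self.checkpoint - 1) > self.max_drift:
            raise ValueError("ibETH rate deviates from checkpoint")
        return r

    def deposit(self, eth):
        r = self._price()
        minted = eth * self.shares / (self.ib_held * r)
        self.ib_held += eth / r
        self.shares += minted
        return minted

    def withdraw(self, shares):
        eth_out = shares * self.ib_held * self._price() / self.shares
        self.ib_held -= eth_out / self.ib.settled_rate()  # real ETH leaves the pool
        self.shares -= shares
        return eth_out

def simulate(max_drift=None):
    ib = IbEth(100_000.0, 100_000.0)
    pool = Pool(ib, ib_held=4_000.0, shares=4_000.0, max_drift=max_drift)
    before = pool.ib_held * ib.settled_rate()   # existing depositors' ETH
    minted = pool.deposit(1_000.0)              # deposit at the correct rate
    ib.skew = 50_000.0                          # totalETH distorted mid-call
    try:
        paid, blocked = pool.withdraw(minted), False
    except ValueError:
        paid, blocked = 0.0, True
    ib.skew = 0.0                               # totalETH returns to actual value
    if blocked:
        paid = pool.withdraw(minted)            # honest withdrawal still works
    return before - pool.ib_held * ib.settled_rate(), paid, blocked
```

`simulate()` returns the loss to existing depositors, the amount paid out, and whether the guard fired. A fixed checkpoint is a simplification, since a real guard would have to refresh it as the token accrues interest.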

ETH Funds Stolen from Binance Smart Chain

Researcher Igor Igamberdiev revealed that the exploit was much more complex than usual. According to a separate report by Igamberdiev, the attack on Rari Capital is the first cross-chain exploit in the crypto space.

The researcher believes that the hackers first took funds from a Binance Smart Chain yield aggregator called Value DeFi. This protocol suffered multiple attacks on its products, VSafe and VSwap, and the crooks looted 5,346 BNB, which were immediately converted into 1,000 ETH.

Source: Igor Igamberdiev

On Binance Smart Chain, hackers also created a fake token that was merged on the PancakeSwap exchange. This allowed them to interact with the Alpaca Finance protocol. Igamberdiev stated:

Interact with Alpaca Finance, where when `approve()` is called to get a fake token, a payload is called, allowing an attacker to use VSafe through the Codex farm to get vSafeWBNB. Convert vSafeWBNB to WBNB. All WBNB was transferred to Ethereum via Anyswap.

To combat these types of attacks in the future, Rari Capital took additional security measures, such as reviewing the integration of its protocol, checking all invariants to detect possible flaws, and others. However, Igamberdiev concluded the following:

Interoperability between DeFi protocols is increasingly complex, opening up new attack vectors. This attack was similar in difficulty to the Pickle Evil Jar and will be even more prevalent in the future.

Ethereum is trading at $3,918, with a 2.1% gain on the daily chart and a 31.9% gain on the weekly chart.

ETH with bullish momentum on the daily chart. Source: ETHUSD Tradingview