{"id":245429,"date":"2021-05-08T21:16:34","date_gmt":"2021-05-08T18:16:34","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/rari-capital-falls-victim-to-11-million-exploit\/"},"modified":"2021-05-08T21:16:34","modified_gmt":"2021-05-08T18:16:34","slug":"rari-capital-falls-victim-to-11-million-exploit","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/rari-capital-falls-victim-to-11-million-exploit\/","title":{"rendered":"# Rari Capital falls victim to $11 million exploit"},"content":{"rendered":"<p>&#8220;<strong># Rari Capital falls victim to $11 million exploit <\/strong>&#8221;<br \/>\n<img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDUvYTRiZDEzNDYtZWFhOC00OTk0LTlhYjktZDRkOTIyZjc0NTViLmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-5a136f3a>After an $11 million attack earlier today, Rari Capital is the latest decentralized finance (DeFi) protocol to fall victim to a high-priced exploit.\u00a0<\/p>\n<p>The platform, which builds optimized yield vaults and boutique lending pools, confirmed the attack in a Tweet and said that a full postmortem is forthcoming:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">There has been an exploit in the Rari Capital ETH Pool related to our <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/AlphaFinanceLab?ref_src=twsrc%5Etfw\">@AlphaFinanceLab<\/a> integration. <\/p>\n<p>The rebalancer has removed all funds from Alpha in response. 
<\/p>\n<p>We are currently investigating the situation and a full report will be shared once everything is assessed.<\/p>\n<p>\u2014 Rari Capital (@RariCapital) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/RariCapital\/status\/1391050253621678080?ref_src=twsrc%5Etfw\">May 8, 2021<\/a><\/p><\/blockquote>\n<p>Per whitehat hacker Emiliano Bonassi, the exploit appears to be an \u201cevil contract\u201d exploit, in which an attacker \u2018tricks\u2019 a contract into thinking a hostile contract should have access or permissions. Alpha Finance announced in a Tweet that the hack was related to Rari\u2019s interest-bearing ibETH vault, but that no Alpha funds were at risk:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Funds are SAFE on <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/AlphaHomora?src=hash&amp;ref_src=twsrc%5Etfw\">#AlphaHomora<\/a>. 
<\/p>\n<p>We are notified that <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/RariCapital?ref_src=twsrc%5Etfw\">@RariCapital<\/a> has suffered from an exploit that was due to the incorrect assumption when using HomoraBank contract, as they were setting up an ibETH pool on their platform. <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/Alpha?src=hash&amp;ref_src=twsrc%5Etfw\">#Alpha<\/a> team is here to help.<\/p>\n<p>\u2014 Alpha Finance Lab (@AlphaFinanceLab) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/AlphaFinanceLab\/status\/1391046927349784589?ref_src=twsrc%5Etfw\">May 8, 2021<\/a><\/p><\/blockquote>\n<p>The hacker\u2019s <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/etherscan.io\/address\/0xcb36b1ee0af68dce5578a487ff2da81282512233\">wallet<\/a> currently holds 4,005 ETH worth over $15,000,000, but a portion of those funds appears to be from a separate exploit.\u00a0<\/p>\n<p>Like many before him, the attacker appears to have considered sending a message to the Rari team, but cancelled the transaction. 
Because he paid a low gas fee, however, observers were able to notice the message as a pending transaction before it was cancelled: <\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">The hacker has left a base64-encoded message saying<\/p>\n<p>rari=REKT<br \/>alpha=ok # saved rari 6m<a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/WQpiPksDOX\">https:\/\/t.co\/WQpiPksDOX<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/ruMH8Wam5s\">pic.twitter.com\/ruMH8Wam5s<\/a><\/p>\n<p>\u2014 banteg (@bantg) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/bantg\/status\/1391054251388964867?ref_src=twsrc%5Etfw\">May 8, 2021<\/a><\/p><\/blockquote>\n<p>While taking the aborted victory lap, the attacker\u2019s message also seemed to imply that the Alpha Homora team prevented an additional $6 million drain.\u00a0<\/p>\n<p>Already users are taking to Twitter to speculate about what form the team\u2019s compensation plan might take. Compensating users affected by hacks and exploits is becoming an increasingly common practice, most recently with EasyFi revealing their compensation plan after a crippling $60 million exploit.<\/p>\n<p>The Rari Capital team has often been a target of both community support and derision. The team is notably young, with one developer reportedly being 15 years old. 
One of their key investors, Twitter user <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/Tetranode\">Tetranode<\/a>, joked on a recent Up Only <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/www.youtube.com\/watch?v=zDxcj4lypSQ\">podcast<\/a> that the team frequently and playfully taunts him as a \u201cboomer,\u201d despite his only being middle-aged.<\/p>\n<p>As such, while some have criticized the team and attempted to blame youthful inexperience for the attack, others have noted that security practices in DeFi are continually evolving and have been quick to voice support for the team, including SushiSwap CTO Joseph Delong:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">This is a tragedy, we love that team<\/p>\n<p>\u2014 Jo-sofa De-lounge (@josephdelong) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/josephdelong\/status\/1391050241734967297?ref_src=twsrc%5Etfw\">May 8, 2021<\/a><\/p><\/blockquote>\n<p>$RGT, Rari&#8217;s governance token, is down 23.24% to $13.35 on the news.\u00a0<\/p>\n<\/div>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/rari-capital-falls-victim-to-11-million-exploit\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8220;# Rari Capital falls victim to $11 million exploit &#8221; After an $11 million attack earlier today, Rari Capital is the latest decentralized finance (DeFi) protocol to fall victim to a high-priced exploit.\u00a0 The platform, which builds optimized yield vaults and boutique lending pools, confirmed the attack in a Tweet and said that a 
full&#8230;<\/p>\n","protected":false},"author":1,"featured_media":245430,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjEtMDUvYTRiZDEzNDYtZWFhOC00OTk0LTlhYjktZDRkOTIyZjc0NTViLmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74868,74891,74882,70944],"class_list":["post-245429","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-defi","tag-ethereum","tag-hacks","tag-hackers"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/245429","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=245429"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/245429\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/245430"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=245429"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=245429"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=245429"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}