The attackers stole at least USD $80 million in crypto funds from Fei Protocol by exploiting a vulnerability in smart contracts. The reward will be delivered under the stated conditions provided that the stolen capital is returned in full.
The DeFi platform Fei Protocol was recently the victim of a security breach in which attackers stole at least $80 million in cryptocurrencies, and its executives have made an unusual proposal to those responsible for the attack to return the funds.
USD $10 million reward “no questions asked”
The Fei Protocol team revealed this in a post on its Twitter account, where it offers some details about the attack and makes the curious proposal to the attackers:
“We are aware of an exploit present in several Rari Fuse clusters. We have identified the root cause and have stopped all lending to mitigate further damage. For the attacker, please accept a reward of USD $10 million and we will ask no questions if you return the remaining funds stolen from users.”
We are aware of an exploit on various Rari Fuse pools. We have identified the root cause and paused all borrowing to mitigate further damage.
To the exploiter, please accept a $10m bounty and no questions asked if you return the remaining user funds.
– Fei Protocol (@feiprotocol) April 30, 2022
While offering rewards to attackers for returning funds is a common practice, what is striking in this case is the “no questions asked” policy: they would be willing to hand over the $10 million if the stolen capital is returned.
The attack perpetrated against Fei Protocol
According to reports associated with the case, the hacker responsible for the attack took advantage of a flaw in the smart contracts to carry out a reentrancy attack, that is, made use of functionality that allows funds to be moved without the appropriate security controls being applied.
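An added example, not taken from the original article or from Fei Protocol, Rari Fuse or Compound code: a Python toy model of the reentrancy pattern described above, showing a pool that makes an external call before updating its state, next to the same pool with state updated first and a reentrancy guard. The names `Pool`, `withdraw_all` and `run`, and all amounts, are constructed for illustration.

```python
# Toy model of a reentrancy flaw and its fix. Constructed for illustration;
# not code from Fei Protocol, Rari Fuse or Compound.
class ReentrancyError(Exception):
    pass

class Pool:
    def __init__(self, hardened):
        self.hardened = hardened
        self.balances = {}      # per-user accounting
        self.reserves = 0       # funds actually held by the pool
        self.locked = False     # reentrancy guard, enforced only when hardened

    def deposit(self, user, amount):
        self.balances[user] = self.balances.get(user, 0) + amount
        self.reserves += amount

    def withdraw_all(self, user, on_receive):
        if self.hardened and self.locked:
            raise ReentrancyError("re-entrant call rejected")
        self.locked = True
        try:
            amount = min(self.balances.get(user, 0), self.reserves)
            if self.hardened:
                self.balances[user] = 0   # effect before interaction
            self.reserves -= amount
            on_receive(amount)            # external call: control leaves the pool
            self.balances[user] = 0       # vulnerable path updates state only now
        finally:
            self.locked = False

def run(hardened):
    pool = Pool(hardened)
    pool.deposit("other_users", 90)       # constructed sample amounts
    pool.deposit("caller", 10)
    log = {"received": 0, "rejected": 0}

    def on_receive(amount):
        # The receiving side's callback calls straight back into the pool.
        log["received"] += amount
        if pool.reserves > 0:
            try:
                pool.withdraw_all("caller", on_receive)
            except ReentrancyError:
                log["rejected"] += 1

    pool.withdraw_all("caller", on_receive)
    return log["received"], pool.reserves, log["rejected"]
```

`run(False)` shows the caller receiving far more than its 10-unit balance because each nested call still sees the stale balance; `run(True)` pays out 10 once and rejects the nested call.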
Despite the audits, the Fei Protocol team did not notice the flaw until it was too late. Some reports indicate that other protocols have been victims of similar attacks, as they used the code from Compound that was in effect at the beginning of 2021, so the gap has been present.
As discussed, this led to the theft of some $80 million in crypto funds. Fei has already alerted the authorities and other exchanges to assist in the detection of the assets. However, the chief technology officer of BlockSec, Lei Wu, reported that about 5,400 ETH of the total stolen funds had already been sent to transaction mixers, greatly reducing the likelihood of finding the funds.
DeFi protocols: Highly lucrative targets
What has happened to Fei Protocol is not something new in the DeFi industry, as today these platforms are some of the most lucrative targets for hackers with extensive knowledge of coding and smart contracts.
In the past, protocols such as Uniswap, Cream Finance, The DAO and many others have been the victims of attacks, whereby unknown actors have managed to get their hands on the funds, leading in some cases to the closure of the protocols due to the inability to adequately compensate the victims.
In more recent times, we have the cases of Wormhole and Ronin, whose bridges suffered significant losses after attacks perpetrated by hackers. In the latter case, the company responsible reported major changes in its operating model, so it will now devote resources to preventing future security breaches.
- More than 50 NFTs stolen after Bored Ape’s Instagram and Discord accounts hacked: reports
- OFAC points to four crypto addresses linked to Ronin network hack and associates them with Lazarus hacking group
- Recently published research appears to have led to the person allegedly responsible for the hacking of The DAO in 2016.
Source: Blockworks, Twitter
Version by Angel Di Matteo / DiarioBitcoin
Image from Unsplash