Select Page

How Hackers Looted 2600 ETH In Rari Capital Cross-Chain Exploit

How Hackers Looted 2600 ETH In Rari Capital Cross-Chain Exploit
This article is added for educational purpose only. All credit goes to the respected author of this article. All In One Crypto App do not hold any liabilities of this article. You can get the source link at the end of the article content.

Ethereum (ETH) based yield aggregator Rari Capital was attacked this weekend by a group of bad actors. As a result, 2,600 in this cryptocurrency were stolen from the Rari Capital Ethereum Pool, as a post-mortem report released by core contributors confirmed.

The attack took place at around 1:48 PM UTC, May 8th, with a series of transactions that lasted for almost an hour. Rari Capital’s product deposits ETH into Alpha Homoras’ ibETH interest-bearing token as part of their strategy.

The protocol’s pool contract operates with the ibETH.totalETH()/ibETH.totalSupply(), used to calculate the exchange rate for the ibETH/ETH pair. A separate report from Alpha Finance Labs claims that this operation can “lead to incorrect assumption”. Rari Capital report stated the following:

According to Alpha Finance, `ibETH.totalETH()` is manipulatable inside the `` function, and a user of `` can call any contract it wants to inside ``, including the Rari Capital Ethereum Pool deposit and withdrawal functions.

On Ethereum, the attack began when the bad actors took a flash loan from protocol dYdX for around 59,000 in this cryptocurrency. The funds were into Rari’s Ethereum based pool with the correct conversion rate for the aforementioned trading pair.

Then, the attackers used the function “work” which enabled them to trigger their offensive by encoding an “evil” fToken contract. This allowed the hackers to artificially inflate their ibETH/ETH rate.

At 2:29 PM +UTC, the possible root of the exploits was discovered. At 2:34 PM +UTC, actions on Alpha Homora were paused. The losses represented around 60% of all users fund in this Ethereum-based Pool. However, only Rari’s funds were lost, as Alpha Finance’s report claims. Rari Capital said:

At the end of ``, the value of `ibETH.totalETH()` returns to its true value, leading the Rari Capital Ethereum Pool’s balances to values lower than they were before the attack as a result of the attacker withdrawing more than they deposited while their balance was artificially inflated.

ETH Funds Stolen From Binance Smart Chain

Researcher Igor Igamberdiev revealed that the exploit was far more complex than usual. According to a separate report made by Igamberdiev, the attack on Rari Capital is the first cross-chain exploit in the crypto space.

The researcher believes that the hackers first took funds from a Binance Smart Chain yield aggregator called Value DeFi. This protocol suffers multiple attacks on its products, VSafe and VSwap, and the bad actors looted 5,346 BNB which immediately were converted into 1,000 ETH.

Source: Igor Igamberdiev

On Binance Smart Chain, the hackers also created a fake token which was pool into exchange PancakeSwap. This allowed them to interact with protocol Alpaca Finance. Igamberdiev stated:


Interact with Alpaca Finance, where when calling approve() for a fake token, a payload is called, which allows an attacker to use VSafe through Codex farm to get vSafeWBNB. Convert vSafeWBNB to WBNB. All WBNB transferred to Ethereum through Anyswap.

To fight these types of attacks in the future, Rari Capital took additional security steps, such as place their protocol integration under review, check all invariants for potential malfunctions, and others. However, Igamberdiev concluded the following:

The interoperability between DeFi protocols is becoming more complex, which opens up new vectors of attacks. This attack was similar in difficulty to the Pickle Evil Jar and will become even more frequent in the future.

Ethereum trades at $3,918 with a 2.1% profit in the daily chart and a 31.9% profit in the weekly chart.

ETH with bullish momentum in the daily chart. Source: ETHUSD Tradingview


Source: NewsBTC


All In One Crypto App presents a unique dynamic crypto course that allows you to become a profitable and successful trader. Download Now

Don't forget to share your review/suggestions for android app.

All In One Crypto App is an execution-only service provider. The material provided on this website is for information purposes only and should not be understood as an investment advice. Any opinion that may be provided on this page does not constitute a recommendation by All In One Crypto App or its agents. We do not make any representations or warranty on the accuracy or completeness of the information that is provided on this page. If you rely on the information on this page then you do so entirely on your own here



Select Sub Category


All In One Crypto App

Made $234 profit with Free Signals from $50

This is the best useful app on my phone. Started trading with $50 and in 5 weeks I was up to $234 just with the free signals. I will recommend it to any new person that wants to try trading crypto. Link to Review

Asoluka Chimdindu

Free User
All In One Crypto App

Good Support

This app is one of the best for crypto currency trading signal for experts and beginal with free and premier with auto follow trading bot all the signal is excellent with accurate technical analysis and fundamental I really like the way they guide and support. Link to Review

olaplus olaplus

Premium User
All In One Crypto App

Accurate Trading Signals

I was premium member of this channel back in 2018 when there was no app. Thr signals were too good, more than 90% accuracy. Now with this app and newly introduced auto trading bot, it will be awesome. Too the moon. Link to Review

Yogesh Patil

Premium member
All In One Crypto App

Awesome and Accurate Signals

Very glad to use this app. The crypto signals was awesome and accurate with detailed explanation and visual information. The admin also helpful and nice. Link to Review

soon cheong

Free User
All In One Crypto App

User Friendly App

Signals are great. I love it. App also friendly to use… Nice job guys Link to Review

Olawunmi Dilureni

Premium Subscriber