Rari capital exploit

The hacker was able to use an “evil contract” exploit to gain access to the funds. This is where the attacker creates a hostile contract and tricks the protocol into believing it belongs there, giving them access to protocol funds. Rari Capital listed out how the hacker was able to do this.

The attacker repeatedly executed the following steps inside of `ibETH.work`:

1. Flashloan ETH from dYdX.
2. Deposit that ETH into the Rari Capital Ethereum Pool.
3. Manipulate the value of `ibETH.totalETH()` by pushing it artificially high.
4. Withdraw more ETH from the Rari Capital Ethereum Pool than the attacker deposited because the Rari Capital Ethereum Pool’s balances are artificially inflated (because `ibETH.totalETH()` is artificially inflated).
5. At the end of `ibETH.work`, the value of `ibETH.totalETH()` returns to its true value, leading the Rari Capital Ethereum Pool’s balances to values lower than they were before the attack as a result of the attacker withdrawing more than they deposited while their balance was artificially inflated.

Also, Twitter user Igor Igamberdiev pointed out that the same address was responsible for the value exploit. This hacker man was able to deploy the first cross-chain exploit successfully. The hacker’s wallet currently holds 4,005 ETH from both exploits. Click the thread below to see an in-depth account of how this was pulled off. 

The hackerman did consider sending a message but canceled the transaction before it went through. In the message, the hacker wrote “rari=rekt” and “alpha=ok # saved rari 6m.” It is presumed the hacker was saying Alpha Finance Lab prevented $6 million more from being drained.

There has been some backlash towards the Rari Capital team. Specifically, how young the team working on the project is; one of the developers is said to be 15 years old. There’s also backlash that the protocol was audited for security flaws, but this situation still occurred.