Rari Exploited for $80M
On 1 May, 2022, smart contract auditing platform BlockSec tweeted that a code vulnerability in Rari Protocol allowed hackers to steal $80 million from the project’s treasury.
Fei, an algorithmic stablecoin that bills itself as “the stablecoin for DeFei”, had deposited an undisclosed amount of liquidity in Rari’s treasury. According to Coingecko, Fei has a market capitalization of over $500 million, making it the eleventh largest stablecoin in the crypto market. In December 2021, Fei and Rari announced a merger that brought their joint liquidity pool to over $2 billion.
Fei acknowledged the hack by posting an announcement that “We have identified the root cause and paused all borrowing.” They also pledged a bounty of $10 million to the attackers if they returned the funds.
Rari had previously been targeted by hackers. A year earlier, in May 2021, an attacker exploited the protocol for 2600 ETH worth about $11 million. At the time, Rari’s CEO announced that they’d use their token allocations to reimburse affected users.
Smartphone Predicts Seed Phrase
A German software developer calling himself “Andre” alerted the cryptocurrency community on Reddit on 25 April 2022 that smartphones can accurately predict a user’s seed phrase once they have been stored on the device.
Seed phrases are the standard technique for safeguarding a cryptocurrency wallet. Almost every blockchain network utilizes this method, which is much safer than traditional passwords. However, some crypto users store their seed phrases on their smartphones which could be a serious mistake. Andre revealed that even temporary access to a user’s phone could enable a hacker to quickly gain control of a cryptocurrency wallet.
Modern smartphones come equipped with robust artificial intelligence prediction systems that keep track of every input. The prediction system can store an entire string of words even if it has only been typed once. The best preventive measure against this vulnerability is to remove words from the prediction algorithm and keep seed phrases on paper.
Solana Goes Dark for Eight Hours
Ethereum rival Solana went down for nearly seven hours on 1 May, 2022. The outage was reportedly caused by bots spamming a non fungible token minting platform called Candy Machine that was built on the Solana network.
At the peak of the denial of service attack, the network was being spammed with more than four million transactions per second.
The network was rebooted through a cluster restart with node operators coordinating their efforts through communication platforms like Discord. Solana developers are currently investigating why the network was not able to bear the sudden surge of activity. Candy Machine developer Metaplex reported that the main network had partially crashed as a result of excessive bot activity on their platform. The team is working on implementing a bot penalty to prevent similar attacks in the future.
This incident is not the first time Solana has suffered a massive outage. In September 2021 the network was out of service for 18 hours due to another distributed denial-of-service (DDoS) attack. Solana is an easy target for such attacks due to its lower transaction fees compared to other networks like Bitcoin or Ethereum. The news of an outage made the price of Solana’s native token (SOL) drop sharply to its lowest level since March 2022, although the cryptocurrency is already showing signs of recovery.
OtherSide Generates $561M
On 30 April, 2022, Bored Ape Yacht Club (BAYC) developer Yuga Labs released its much-awaited “Otherside” OtherDeeds NFTs, which generated $561 million in just twenty-four hours, making it one of the biggest and most successful mints to date.
The OtherDeeds NFTs are intended to be keys to BAYC’s upcoming Otherside metaverse game. The NFT studio released 55000 tokens for a minting price of about $5800 each. The original mint alone generated $317 million for the project, while secondary sales from NFT markets like OpenSea brought in another $242 million.
The high demand for these tokens caused the gas prices on the Ethereum network to surge, making the mint even more expensive for the collectors. The incoming traffic was so massive that it crashed the website for many users.