DeFi
DeFi protocol LI.FI hit by $11 million exploit
- LI.FI spokesperson confirms smart contract exploit that resulted in $11 million hack
- Project leaders are working with law enforcement and advise customers not to interact with LI.FI-powered applications at this time.
- LI.FI is a protocol that allows users to trade across different blockchains, venues, and bridges.
Decentralized finance (DeFi) platform LI.FI was hit by an exploit worth around $11 million following a series of suspicious withdrawals, on-chain data shows.
“Please do not interact with applications running LI.FI at this time,” LI.FI wrote on X. “We are investigating a potential exploit. If you do not have infinite trust set, you are safe.”
LI.FI is a protocol that allows users to trade across different blockchains, venues, and bridges. It suffered a bug with its exchange feature in 2022, resulting in a loss of $600,000; PeckShield described the recent bug as “essentially the same”.
Initially, the amount was estimated at $8 million, but project officials now estimate the total damage caused by the hack at around $11 million.
“A smart contract exploit earlier today has been contained and the affected smart contract facet has been disabled,” according to an emailed statement from a spokesperson for the project. “There is currently no additional risk to users. The only wallets affected were set to infinite approvals and represented a very small number of users.”
The statement continued: “We are working with law enforcement authorities and relevant third parties, including industry security teams, to trace the funds. We will release a more detailed post-mortem as soon as possible.”
Crypto security firm Decurity said the exploit involved the LI.FI bridge.
“The root cause is the possibility of an arbitrary call with user-controlled data via `depositToGasZipERC20()` in GasZipFacet which was deployed 5 days ago,” Decurity wrote on X.
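LI.FI's statement says the only wallets affected were those set to infinite approvals. As an added example (not from the article, LI.FI or Decurity), the Python code below replays ERC-20 `Approval` logs in the `eth_getLogs` shape and lists which owners still have an effectively unlimited allowance open to a given spender contract. The addresses, the sample logs and the `2**255` threshold are constructed assumptions.

```python
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
UNLIMITED_FROM = 2**255  # assumption: treat the top half of uint256 as "infinite"

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded: keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def open_allowances(logs, spender):
    """Replay logs in chain order; return {(owner, token): amount} still non-zero."""
    state = {}
    order = lambda l: (int(l["blockNumber"], 16), int(l["logIndex"], 16))
    for log in sorted(logs, key=order):
        topics = log["topics"]
        # ERC-721 Approval shares this topic hash but has 4 topics: skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_address(topics[2]) != spender.lower():
            continue
        key = (topic_to_address(topics[1]), log["address"].lower())
        amount = int(log["data"], 16)
        if amount == 0:
            state.pop(key, None)  # explicit revocation
        else:
            state[key] = amount   # a later approve() overwrites the earlier value
    return state

def unlimited_allowances(logs, spender):
    """(owner, token) pairs whose latest approval to spender is effectively infinite."""
    found = open_allowances(logs, spender).items()
    return sorted(pair for pair, amount in found if amount >= UNLIMITED_FROM)

# Constructed sample data: placeholder addresses, not real contracts or wallets.
SPENDER, OTHER = "0x" + "5e" * 20, "0x" + "0f" * 20
TOKEN_A, TOKEN_B = "0x" + "a1" * 20, "0x" + "b2" * 20
ALICE, BOB = "0x" + "01" * 20, "0x" + "02" * 20
def make_log(token, owner, spender, amount, block, index):
    pad = lambda addr: "0x" + addr[2:].rjust(64, "0")
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x"),
            "blockNumber": hex(block), "logIndex": hex(index)}

SAMPLE_LOGS = [
    make_log(TOKEN_A, BOB, SPENDER, 0, 105, 1),              # Bob revokes later
    make_log(TOKEN_A, ALICE, SPENDER, MAX_UINT256, 100, 0),  # Alice: infinite
    make_log(TOKEN_A, BOB, SPENDER, MAX_UINT256, 101, 3),    # Bob: infinite, then revoked
    make_log(TOKEN_B, BOB, SPENDER, 500, 106, 0),            # Bob: exact amount
    make_log(TOKEN_B, ALICE, OTHER, MAX_UINT256, 107, 0),    # different spender
]
```

`Approval` logs do not record amounts already spent through `transferFrom`, so confirm each hit against the token's `allowance(owner, spender)` before deciding what to revoke.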
A report from Immunefi in May revealed that $473 million in cryptocurrencies was lost to hacks, exploits and breaches in the first half of 2024.
UPDATE (July 16, 1:48 p.m. UTC): Adds a link to the 2022 exploit that resulted in a loss of $600,000.
UPDATE (July 16, 7:41 p.m. UTC): Adds a statement from the spokesperson and updates the size of the hack to $11 million, up from the $8 million previously announced.