DeFi

Defi Protocol LI.FI Hit With $11 Million Exploit — TradingView News

Published

7 months ago

on

Decentralized finance (DeFi) platform LI.FI protocol has been hit with an exploit worth around $11 million following a series of suspicious withdrawals, according to on-chain data.

“Please do not interact with applications running LI.FI at this time,” LI.FI wrote on X. “We are investigating a potential exploit. If you do not have infinite trust set, you are safe.”

LI.FI is a protocol that allows users to trade across different blockchains, platforms, and bridges. It suffered a bug with its exchange function in 2022, resulting in a loss of $600,000, PeckShield described the recent bug as “fundamentally the same.”

Initially, the amount was estimated at $8 million, but project officials now estimate the total damage caused by the hack at around $11 million.

“A smart contract exploit earlier today has been contained and the affected smart contract facet has been disabled,” according to an emailed statement from a spokesperson for the project. “There is currently no additional risk to users. The only wallets affected were set to infinite approvals and represented a very small number of users.”

The statement continued: “We are working with law enforcement authorities and relevant third parties, including industry security teams, to trace the funds. We will release a more detailed autopsy as soon as possible.”

Crypto security firm Decurity said the exploit involved the LI.FI bridge.

“The root cause is the possibility of an arbitrary call with user-controlled data via `depositToGasZipERC20()` in GasZipFacet which was deployed 5 days ago,” Decurity wrote on X.

A report from Immunefi released in May found that $473 million in cryptocurrencies were lost to hacks, exploits and data thefts in the first half of 2024.

UPDATE (July 16, 1:48 p.m. UTC): Adds a link to the 2022 exploit that resulted in a loss of $600,000.

UPDATE (July 16, 7:41 p.m. UTC): It adds a statement from the spokesperson, including updating the size of the hack to $11 million, up from $8 million previously announced.

Fuente

Related Topics:

Leave a Reply

Your email address will not be published. Required fields are marked *

Información básica sobre protección de datos Ver más

  • Responsable: Miguel Mamador.
  • Finalidad:  Moderar los comentarios.
  • Legitimación:  Por consentimiento del interesado.
  • Destinatarios y encargados de tratamiento:  No se ceden o comunican datos a terceros para prestar este servicio. El Titular ha contratado los servicios de alojamiento web a Banahosting que actúa como encargado de tratamiento.
  • Derechos: Acceder, rectificar y suprimir los datos.
  • Información Adicional: Puede consultar la información detallada en la Política de Privacidad.

Trending

Exit mobile version