LiFi Protocol Under Attack with Over $10 Million Drained

The Li.Fi protocol, an API that facilitates Ethereum Virtual Machine (EVM) and Solana (SOL) swaps and bridging, has fallen victim to a significant security breach, resulting in the loss of over $10 million in cryptocurrencies.

Hackers exploited vulnerabilities caused by approvals accepted from the malicious contract address to drain assets stored in the contracts and funds in users’ connected wallets.

Hackers Exploit LiFi Protocol: Approximately $10 Million Drained

According to reports from Cyvers Alerts, the breach involved suspicious transactions targeting the Li.Fi protocol through a specific contract address.

🚨UPDATE🚨 Our system has raised more suspicious transactions involving @lifiprotocol on #ARB too! We strongly recommend to users to revoke their approvals for: 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae Total loss is now around $10M across different chains! Want to keep your… https://t.co/G5tAkl31bT pic.twitter.com/NJe3dm7KNP
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 16, 2024

Users have been strongly advised to revoke their approvals for the address: 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae, to prevent further losses.

Meir Dolev, co-founder and Chief Technology Officer at Cyvers, emphasized the risk of such approvals, stating,

“Hackers can exploit these approvals to drain both assets stored in the contracts and funds in the connected wallets of users.”

Please do not interact with any https://t.co/nlZEnqOyQz powered applications for now! We're investigating a potential exploit. If you did not set infinite approval, you are not at risk. Only users that have manually set infinite approvals seem to be affected. Revoke all…
— LI.FI (@lifiprotocol) July 16, 2024

In a tweet following the Cyvers notification, the Li.Fi protocol team warned users not to interact with Li.Fi-powered applications until further notice. It also provided a list of additional addresses to revoke for those who had manually set infinite approvals:

0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae

0x341e94069f53234fE6DabeF707aD424830525715

0xDE1E598b81620773454588B85D6b5D4eEC32573e

0x24ca98fB6972F5eE05f0dB00595c7f68D9FaFd68
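To check a wallet for exposure to the addresses above, the following added example (not code from Li.Fi, Cyvers or the article) builds the standard ERC-20 `allowance(owner, spender)` read for each listed spender, classifies the returned value, and produces the `approve(spender, 0)` calldata that revokes it. The owner address, the token address, the sample RPC results and the "unlimited" threshold are constructed assumptions.

```python
# Spender addresses the article lists for revocation.
SPENDERS = [
    "0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae",
    "0x341e94069f53234fE6DabeF707aD424830525715",
    "0xDE1E598b81620773454588B85D6b5D4eEC32573e",
    "0x24ca98fB6972F5eE05f0dB00595c7f68D9FaFd68",
]
OWNER = "0x" + "11" * 20   # constructed wallet address
TOKEN = "0x" + "22" * 20   # constructed ERC-20 token address
ALLOWANCE_SELECTOR = "dd62ed3e"  # ERC-20 allowance(address,address)
APPROVE_SELECTOR = "095ea7b3"    # ERC-20 approve(address,uint256)
# Assumption: "infinite" approvals are usually 2**256 - 1; flag anything >= 2**255.
UNLIMITED_THRESHOLD = 2**255

def abi_address(addr):
    """Left-pad a 20-byte address to a 32-byte ABI word (hex, no 0x prefix)."""
    h = addr.lower()
    h = h[2:] if h.startswith("0x") else h
    if len(h) != 40 or any(c not in "0123456789abcdef" for c in h):
        raise ValueError(f"not a 20-byte address: {addr!r}")
    return h.rjust(64, "0")

def allowance_request(token, owner, spender, req_id=1):
    """JSON-RPC eth_call body that reads allowance(owner, spender) on token."""
    data = "0x" + ALLOWANCE_SELECTOR + abi_address(owner) + abi_address(spender)
    return {"jsonrpc": "2.0", "id": req_id, "method": "eth_call",
            "params": [{"to": token, "data": data}, "latest"]}

def classify(result_hex):
    """Decode the uint256 returned by eth_call and label the exposure."""
    value = 0 if result_hex in ("", "0x") else int(result_hex, 16)
    if value == 0:
        return "none", value
    return ("unlimited" if value >= UNLIMITED_THRESHOLD else "limited"), value

def revoke_calldata(spender):
    """Calldata for approve(spender, 0); the owner sends it to the token contract."""
    return "0x" + APPROVE_SELECTOR + abi_address(spender) + "0" * 64

def audit(responses):
    """responses maps spender -> eth_call result; return those needing revocation."""
    return [(s, classify(r)[0], revoke_calldata(s))
            for s, r in responses.items() if classify(r)[0] != "none"]

# Constructed RPC results: one unlimited, one limited, two with no allowance.
SAMPLE = dict(zip(SPENDERS, ["0x" + "f" * 64, hex(1000), "0x" + "0" * 64, "0x"]))
if __name__ == "__main__":
    for spender, level, calldata in audit(SAMPLE):
        print(spender, level, calldata)
```

Allowances are per token and per chain, so the same read has to be repeated for every token the wallet holds on each network where it used a Li.Fi-powered application.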

As of now, the hackers have drained approximately $10 million in cryptocurrency, and the exploit has extended to the Arbitrum blockchain. This incident highlights the inherent risks of granting approvals to smart contract wallets.

Dolev also reiterated these risks and the need for vigilance among users and developers.

Recent Attacks in the DeFi Space

This attack on Li.Fi is part of a series of recent breaches within the DeFi space.

Recently, Pike Finance experienced significant losses due to a smart contract vulnerability, resulting in $1.6 million in stolen funds over three days.

The first major exploit occurred on April 30, with an attacker draining over $1.68 million across Ethereum, Arbitrum, and Optimism chains by changing the output address in the smart contract.

This attack followed a similar exploit on April 26, where $300,000 was stolen.

Similarly, Dough Finance lost $1.8 million in digital assets due to a flash loan attack on July 12. The attacker used Railgun’s zero-knowledge protocol to swap stolen USD Coin for 608 ETH.

Further analysis by Olympix revealed that the exploit resulted from unvalidated calldata in the “ConnectorDeleverageParaswap” contract. This failure allowed the attacker to manipulate the data during flash loan calls.

These attacks are part of a broader trend in the crypto space.

Over $1 billion in digital assets were lost in the first half of 2024 due to various security incidents, including phishing attacks and private key compromises. In Q2, over $688 million was lost across 184 on-chain security breaches.

Despite these challenges, the crypto market has shown resilience, achieving a record recovery rate of 77% for stolen funds in the second quarter of 2024, with $347.4 million recovered or frozen out of $512.9 million lost.

However, cryptocurrency scams continue to thrive, especially on X (formerly Twitter), where nearly $50 million is lost monthly due to account impersonation.
