LiFi or Li Finance, the swap aggregating firm has managed to lose about $600,000 in the latest exploit of DeFi. Quite recently, the scams and exploits in the world of cryptocurrency have been increasing for sure. Now, these scams are targeting good crypto sites as well.
In the latest news, LiFi was targeted by another exploit and the protocol users ended up losing about $600000. While there are some users who actually have been reimbursed for their money, others are still awaiting some kind of contribution.
Apparently, the hacker had exploited a certain bug that was present in the smart contract of the project. About 29 different wallets of the users lost their money due to this issue in the smart contracts.
The actual time when the exploit took place was about 2:51 AM UTC on the 20th of March. The attacker ended up extracting different amounts divided between 10 different tokens from the wallets of the users. These wallets had given something called ‘Infinite Approval’ to the protocol of Fi Finance.
The tokens that were stolen included Audius or AUDIO, USD Coin or USDC, Polygon or MATIC, Gnosis or GNO, Rocket Pool or RPL, and many others. The team learned about the incident about 12 hours later at about 2:15 PM and necessary actions were taken to prevent further losses.
After learning about the exploit that had taken place, the team shut down all the important functions of the platform in order to ensure that further action couldn’t be taken by the hacker.
A post mortem report was issued by the team on the 21st of March, 2:50 AM. People were provided with all the important events that took place during the exploit. According to the information collected by the team, the hacker swapped all of the stolen tokens for about 205 Ether or ETH.
The total amount of the stolen Ether would be somewhere around $600,000 in total. LiFi has also assured the users that the bug in the protocol had been identified and fixed. Out of the 29 wallets that had been robbed of the tokens, a total of 25 have been reimbursed for the losses that they have experienced from the funds of the treasure.
These 25 wallets accounted for just $80,000 of the total amount that was stolen or just 13%. The owners of the remaining four wallets that lost a combined $517,000 have been contacted and offered a deal to compensate them by honoring their losses as angel investors in the protocol.
Reimbursements Being Made By LiFi for People Who Lost Tokens
They would receive LiFi tokens under the same terms as other angel investors in an amount equal to their losses from each wallet. This would also help to mitigate the damage to the platform’s treasury. The hacker was also contacted and offered a bug bounty to return the funds.
The attack appears to have come at an unfortunate time. Li Finance CEO Philipp Zentner told Cointelegraph on March 21 that “We’re literally a week away from our audit,” adding that “we have multiple companies auditing us.”
However, even a detailed inspection of the entire coding may not have been able to pick this particular bug, according to a crypto investigator “Transmissions11” at crypto investment firm Paradigm.
He took to the platform of Twitter in order to explain how this particular error in Li Finance’s code was very easy to miss and “subtle if you’re not in the right mindset.” This recent hack that took place in the DeFi sector is the perfect demonstration of how giving infinite approvals to the good crypto sites and smart contracts can open up the door for certain illegal activities and end up costing money.
Also Read: Unauthorized Access to Client Data Held on Hubspot has been Confirmed by BlockFi
Join our Telegram Channel to get the best notification regarding Pricing Prediction, Trading Analysis, News, Blogs, and interviews.