A Hacker Steals $600,000 in Li Finance Hack

The latest DeFi protocol hack involves Li Finance. On Sunday, March 20, a hacker’s exploit of the platform’s contract led to the loss of tokens valued at $600,000. In a swift reaction, the protocol platform reimbursed the owners of some of the wallets and has made provision to compensate others.

https://platform.twitter.com/widgets.js

Wallets Granted Infinite Approval To Protocol

According to a Cointelegraph report, the smart contract exploit, which took advantage of a bug in the code, affected 29 users of the LiFi protocol. It states that the attack which took place on Sunday, extracted tokens from wallets that gave permission to the platform. These wallets that had granted what it termed infinite approval from the platform had 10 different tokens stolen from them.

https://platform.twitter.com/widgets.js

The tokens that were extracted in the exploit are Gnosis (GNO), USD Coin (USDC), Polygon (MATIC), Metaverse Index (MVI), Rocket Pool (RPL), Tether (USDT), Audius (AUDIO), AAVE (AAVE), Jarvis Reward Token (JRT), and DAI (DAI).

The team disabled token swapping when they discovered the exploit 12 hours later. After reviewing that hack, the team discovered that the attacker swapped the coins for 205 ETH which is worth about $600,000.

Reached Our To Hacker

The team has already reimbursed 25 of the 29 wallet owners who lost about $80,000. The other four wallets that their owners lost $517,000 have been offered deals as angel investors in the protocol. The arrangement would give them the same benefits as the original angel investors in the platform. The hacker was also contacted to return the funds for a bug bounty reward.

Share:

Author: Jinka Kamma

Jinka Kamma is passionate about the prospects of blockchain and the freedom cryptocurrencies afford people across borders. He holds small amounts of bitcoin and tether.