Cross-Chain Protocol Li.Fi Suffers $11M Exploit, Urges Users to Revoke Permissions
Crypto News

Cross-Chain Protocol Li.Fi Suffers $11M Exploit, Urges Users to Revoke Permissions

1m
Created 5mo ago, last updated 5mo ago

Cross-chain DeFi protocol Li.Fi has reportedly lost approximately $11 million due to an exploit.

Cross-Chain Protocol Li.Fi Suffers $11M Exploit, Urges Users to Revoke Permissions

Cross-chain DeFi protocol Li.Fi has reportedly lost approximately $11 million due to an exploit. According to CertiK, a wallet associated with the suspected hack held nearly $6 million in Ethereum (ETH) along with various amounts of stablecoins. The ongoing investigation suggests that the exploit targeted some Li.Fi users who had manually adjusted their account settings, the protocol's team stated in a post on X.

View post on Twitter

Li.Fi reassured users that the exploit has been "contained" and that users are no longer at risk. Blockchain data indicates that the compromised wallet contains roughly $5.8 million in ether, as well as USDC, USDT, and DAI stablecoins.

In a statement on Tuesday, Li.Fi urged users to "immediately use our secluded revoke website" to protect their accounts. The protocol identified four additional security breaches and advised users to revoke permissions through revoke.cash. Traders were also encouraged to visit scan.li.fi to check if their accounts had been compromised.

Crypto security firm Decurity suggested that the exploit may have stemmed from a vulnerability in the Li.Fi bridge. In a post on X, Decurity pointed to a potential issue with the depositToGasZipERC20() function in the GasZipFacet module, which was deployed only five days prior to the attack.

Li.Fi has faced significant security challenges in the past. In 2022, a bug in the protocol’s swapping feature resulted in a loss of $600,000 in cryptocurrency, according to a post-mortem analysis by Li.Fi on Medium.

This article contains links to third-party websites or other content for information purposes only (“Third-Party Sites”). The Third-Party Sites are not under the control of CoinMarketCap, and CoinMarketCap is not responsible for the content of any Third-Party Site, including without limitation any link contained in a Third-Party Site, or any changes or updates to a Third-Party Site. CoinMarketCap is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement, approval or recommendation by CoinMarketCap of the site or any association with its operators. This article is intended to be used and must be used for informational purposes only. It is important to do your own research and analysis before making any material decisions related to any of the products or services described. This article is not intended as, and shall not be construed as, financial advice. The views and opinions expressed in this article are the author’s [company’s] own and do not necessarily reflect those of CoinMarketCap.
0 people liked this article