• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About us
  • Write for us
  • Terms and Conditions
  • Privacy Policy
  • Disclaimer
  • Contact
  • All Posts
  • Advertise

TronWeekly

Crypto World News

  • Home
  • Education
    • Best TRON Wallets
    • Beginner’s guide to TRON
  • Opinion
    • Tron Tokens
    • Market Analysis
  • Industry
    • Tron Exchange
    • Project Review
  • Press Release
  • Advertise
  • About us
    • The Team
    • Editorial Policy
    • Write for us
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    • Contact
You are here: Home / News / Crypto Scam / Li Finance Loses Over $600,000 as a Hacker Exploits a Bug
Li Finance Loses Over $600,000 as a Hacker Exploits a Bug

Li Finance Loses Over $600,000 as a Hacker Exploits a Bug

March 24, 2022 by Goku

At Li Finance, 29 users lost roughly $600,000 in what looks to be a smart contract exploitation. The vulnerability was carried out in a single transaction at 02:51 AM +UTC by hackers.

All swap methods were deactivated as soon as the team was aware of the exploit, while they worked on a patch for the flaw.

TLDR:

• ~$600K have been stolen from 29 wallets
• User don’t have to do anything
• Bug has been fixed and is already deployedhttps://t.co/fqOxJxDrZs

— 🇫🇷 LI.FI 🇫🇷 📍 Paris – ETHCC (@lifiprotocol) March 21, 2022

Li Finance users lost hundreds of thousands of dollars

The hacker was able to take 205 ETH from 29 different wallets. USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI are among the stolen assets.

The attacker converted all tokens to ETH and transported them to his wallet after the breach.

The team contacted the hacker and requested that the cash be returned, but no response has yet been received.

“If you are reading this, we would be glad if you could offer a big bounty, and we would promise not to reveal any information about your identity.”

How did it happen?

The pre-bridge switch functionality of Li Finance was used in the hack. A caller can pass an array of multiple swaps using any address with any call data to its smart contract.

This approach allowed the most freedom in terms of what DEXs and methods. This allowed anybody, not only DEXs, to call other contracts. The contract double-checks if the outcome of the swap or swaps is enough tokens to keep the bridging operation going.

The attacker began by making a genuine small-amount exchange, then made many direct calls to various token contracts.

The Li finance team uncovered the exploit 12 hours after the assault and promptly disabled all switching functionalities.

They’ve already compensated 26 of the 29 wallets, but they wanted to do something extra for the others. The remaining three wallets are estimated to be worth $397,000.

They offered to convert the missing funds into an angel investment to mitigate the treasury harm. They did stress, however, that the users’ final decision to accept or reject the offer is up to them.

Exploits like these serve as a reminder to everyone of the significances of better security. Because the finances and assets of thousands of people are at risk, it is critical to maintaining them secure.

However, as we can see, as security improves, hackers are scrambling to locate even the slightest crack through which they can launch their attack.

Filed Under: Crypto Scam, Cyber Security, News Tagged With: Bug, Hacker, Li FInance

Primary Sidebar

Recent Posts

  • Litecoin Price Surges Before Halving as AltSignals Raises $876k During Presale June 1, 2023
  • XRPL Pioneer Reveals Groundbreaking Trading Approach June 1, 2023
  • May Madness: Over 15 Billion SHIB Tokens Burned In 191 Transactions June 1, 2023
  • Cardano Community Split in Response to Meme Coin Market Surge June 1, 2023
  • Binance’s Exit Boosts Kraken’s Popularity Among Canadian Crypto Traders June 1, 2023

Footer

News

  • Altcoin News
  • Bitcoin News
  • Blockchain
  • Tron News
  • World

Digest

  • Meet the Founder
  • Price Winning Article
  • DeFi
  • Cyber Security
  • Crypto Scam

Industry

  • Project Review
  • Technology
  • Fintech
  • Tron Exchange
  • New in Town

Tron Universe

  • Event and Tron Parties
  • New in Town
  • Tron Tokens

Follow Us

Subscribe US

Copyright © 2023 · Tron Weekly. All Rights Reserved. NOTE: Tron Weekly is an independent crypto news site that adheres to the strict journalism policy anchored on transparency, trust, and objectivity, we have no affiliation with the TRON Foundation, its founder Justin Sun or any other cryptocurrency firm.