• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer
  • About us
  • Write for us
  • Terms and Conditions
  • Privacy Policy
  • Disclaimer
  • Contact
  • All Posts
  • Advertise

TronWeekly

Crypto World News

  • Home
  • Education
    • Best TRON Wallets
    • Beginner’s guide to TRON
  • Opinion
    • Tron Tokens
    • Market Analysis
  • Industry
    • Tron Exchange
    • Project Review
  • Press Release
  • Advertise
  • About us
    • The Team
    • Editorial Policy
    • Write for us
    • Privacy Policy
    • Disclaimer
    • Terms and Conditions
    • Contact
You are here: Home / News / Crypto Scam / Li Finance Loses Over $600,000 as a Hacker Exploits a Bug
Li Finance Loses Over $600,000 as a Hacker Exploits a Bug

Li Finance Loses Over $600,000 as a Hacker Exploits a Bug

March 24, 2022 by Vignesh Karunanidhi

At Li Finance, 29 users lost roughly $600,000 in what looks to be a smart contract exploitation. The vulnerability was carried out in a single transaction at 02:51 AM +UTC by hackers.

All swap methods were deactivated as soon as the team was aware of the exploit, while they worked on a patch for the flaw.

TLDR:

• ~$600K have been stolen from 29 wallets
• User don’t have to do anything
• Bug has been fixed and is already deployedhttps://t.co/fqOxJxDrZs

— LI.FI – Powers any cross-chain strategy (🦎,🦎) (@lifiprotocol) March 21, 2022

Li Finance users lost hundreds of thousands of dollars

The hacker was able to take 205 ETH from 29 different wallets. USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI are among the stolen assets.

The attacker converted all tokens to ETH and transported them to his wallet after the breach.

The team contacted the hacker and requested that the cash be returned, but no response has yet been received.

“If you are reading this, we would be glad if you could offer a big bounty, and we would promise not to reveal any information about your identity.”

How did it happen?

The pre-bridge switch functionality of Li Finance was used in the hack. A caller can pass an array of multiple swaps using any address with any call data to its smart contract.

This approach allowed the most freedom in terms of what DEXs and methods. This allowed anybody, not only DEXs, to call other contracts. The contract double-checks if the outcome of the swap or swaps is enough tokens to keep the bridging operation going.

The attacker began by making a genuine small-amount exchange, then made many direct calls to various token contracts.

The Li finance team uncovered the exploit 12 hours after the assault and promptly disabled all switching functionalities.

They’ve already compensated 26 of the 29 wallets, but they wanted to do something extra for the others. The remaining three wallets are estimated to be worth $397,000.

They offered to convert the missing funds into an angel investment to mitigate the treasury harm. They did stress, however, that the users’ final decision to accept or reject the offer is up to them.

Exploits like these serve as a reminder to everyone of the significances of better security. Because the finances and assets of thousands of people are at risk, it is critical to maintaining them secure.

However, as we can see, as security improves, hackers are scrambling to locate even the slightest crack through which they can launch their attack.

Filed Under: Crypto Scam, Cyber Security, News Tagged With: Bug, Hacker, Li FInance

Primary Sidebar

Recent Posts

  • Binance Joins Hands With Kazakhstan to Develop a Crypto Framework May 26, 2022
  • Crypto Transfers in Thailand Will Be Exempt From VAT Until 2023 May 26, 2022
  • Exchanges Show Support in Assisting LUNA’s Revival by Listing the New LUNA 2.0 May 26, 2022
  • 29 Moonbird NFTs Worth $1.5M Succumbs To A Phishing Attack May 26, 2022
  • How to Play Craps at Crypto Casinos May 26, 2022

Footer

News

  • Altcoin News
  • Bitcoin News
  • Blockchain
  • Tron News
  • World

Digest

  • Meet the Founder
  • Price Winning Article
  • DeFi
  • Cyber Security
  • Crypto Scam

Industry

  • Project Review
  • Technology
  • Fintech
  • Tron Exchange
  • New in Town

Tron Universe

  • Event and Tron Parties
  • New in Town
  • Tron Tokens

Follow Us

Subscribe US

Copyright © 2022 · Tron Weekly. All Rights Reserved. NOTE: Tron Weekly is an independent crypto news site that adheres to the strict journalism policy anchored on transparency, trust, and objectivity, we have no affiliation with the TRON Foundation, its founder Justin Sun or any other cryptocurrency firm.