All swap methods were deactivated as soon as the team was aware of the exploit, while they worked on a patch for the flaw.
Li Finance users lost hundreds of thousands of dollars
The hacker was able to take 205 ETH from 29 different wallets. USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI are among the stolen assets.
The attacker converted all tokens to ETH and transported them to his wallet after the breach.
The team contacted the hacker and requested that the cash be returned, but no response has yet been received.
“If you are reading this, we would be glad if you could offer a big bounty, and we would promise not to reveal any information about your identity.”
How did it happen?
The pre-bridge switch functionality of Li Finance was used in the hack. A caller can pass an array of multiple swaps using any address with any call data to its smart contract.
This approach allowed the most freedom in terms of what DEXs and methods. This allowed anybody, not only DEXs, to call other contracts. The contract double-checks if the outcome of the swap or swaps is enough tokens to keep the bridging operation going.
The attacker began by making a genuine small-amount exchange, then made many direct calls to various token contracts.
The Li finance team uncovered the exploit 12 hours after the assault and promptly disabled all switching functionalities.
They’ve already compensated 26 of the 29 wallets, but they wanted to do something extra for the others. The remaining three wallets are estimated to be worth $397,000.
They offered to convert the missing funds into an angel investment to mitigate the treasury harm. They did stress, however, that the users’ final decision to accept or reject the offer is up to them.
Exploits like these serve as a reminder to everyone of the significances of better security. Because the finances and assets of thousands of people are at risk, it is critical to maintaining them secure.
However, as we can see, as security improves, hackers are scrambling to locate even the slightest crack through which they can launch their attack.