Li.Fi bridging protocol was exploited for over $8 million on Tuesday, with the attacker targeting specific accounts. The platform urged users not to interact with any Li.Fi-powered applications.
The prevalence of cyber attacks remains a dominant threat to the industry, and participants must stay constantly on guard lest they fall victim.
Li.Fi Protocol Hacked for Over $8 Million
The Li.Fi Protocol confirmed the attack in a post on X, urging users not to interact with any Li.Fi-powered applications. Based on the report, the hacker targeted accounts with a manual “infinite approvals” setting.
“Please do not interact with any Li.Fi-powered applications for now! We are investigating a potential exploit. If you did not set infinite approval, you are not at risk,” the announcement read.
The platform urges users to revoke all approvals for three addresses, offering to help upon request.
“We urge all users to immediately use our secluded revoke website; four more security breaches have been identified,” the protocol updated. Furthermore, the report added that all user funds who interacted with LiFi protocols are at risk as well. LiFi is one of Superform Protocol’s bridging providers. The attack did not impact Superform.
“In summary, 153 wallets were affected, and Li.Fi is working on a voluntary compensation for those impacted,” Li.Fi spokesperson told BeInCrypto.
Various security firms highlighted the attack, including Cyvers and De.Fi Antivirus Web 3. According to the former, the exploit affects approvals for Circle’s USD Coin (USDC), Tether’s USDT stablecoin on Ethereum (ETH) mainnet, and Arbitrum (ARB).
“Check your wallet for any suspicious activities across these networks. If you have interacted with Li.Fi protocol on either chain, take immediate action to secure your assets,” Cyvers added.
On the other hand, De.Fi Antivirus Web3 revealed that the exploiter executed a series of suspicious withdrawals from the protocols’ contracts. It also exposed the wallet holding the $8 million loot, showing different currencies on Ethereum and Arbitrum contracts.
Read more: 15 Most Common Crypto Scams To Look Out For
Cyber attacks highlight how risky the decentralized finance (DeFi) space can be. Exploiters capitalize on system vulnerabilities to steal user funds. Only weeks ago, The Open Network (TON) was in the headlines for its susceptibility to phishing attacks.
In May, a crypto investor lost up to $6.9 million in Ether tokens due to a sophisticated phishing scam. The bad actor used a malicious permit signature. Taken together, these reports reveal the sophistication and tactic revamps that bad actors use to plague the industry. They also highlight the need for caution, especially regarding manual settings and granting permissions on sites.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and Conditions, Privacy Policy, and Disclaimers have been updated.