<

Li Finance swap aggregator has experienced a smart contract exploit, lost $600,000

Li Finance is the latest victim of smart contract mining, which resulted in the loss of $600,000 from the wallets of 29 users.

Users of the Li Finance (LiFi) protocol have suffered losses amounting to approximately $600,000

The mining took place at 09:51 am on March 20, 2022. The attacker extracted quantities of 10 different tokens from wallets that allow “infinite acceptance” to the Li Finance protocol. Among the stolen tokens are USD Coin (USDC), Polygon (MATIC), Rocket Pool (RPL), Gnosis (GNO), Tether (USDT), Metaverse Index (MVI), Audius (AUDIO), AAVE (AAVE), Jarvis Reward Token (JRT), and DAI (DAI).

When the matter reached the team (around 21:15 on March 20, 2022), they closed all platform swap functions to prevent further losses. Then, at 09:50 am this morning, the team investigated the events involved in detail. They found the attacker had exchanged the stolen tokens for 205 Ether (ETH), totaling around $600,000. At the time of writing, the stolen ETH has not yet been moved from the attacker’s wallet. LiFi also assures users that the bug has been identified and patched is complete.

Of the 29 hacked wallets, 25 were refunded from the treasury for the losses. Those 25 wallets represent just $80,000, or 13% of the total loss value. The owners of the remaining four wallets, who have lost 517,000 USD, have been contacted and offered a settlement agreement that they will be treated as angel investors in the protocol. Specifically, they will receive LiFi tokens on the same terms as other angel investors with an amount equal to their loss. This helps to minimize damage to the platform’s treasury.

The hackers have also been contacted and offered a bounty to ask them to return the money.

Read more:

Join us on Telegram

Follow us on Twitter

Follow us on Facebook

You might also like

LATEST NEWS

LASTEST NEWS