Hackers Loot Nearly $600,000 From Li Finance Blockchain Protocol Users; Polygon, USD Coin Among Stolen Assets

Li Finance blockchain protocol is reimbursing the affected wallets and has also claimed that the vulnerability has been fixed.

By Radhika Parashar | Updated: 22 March 2022 16:29 IST

Hackers Loot Nearly $600,000 From Li Finance Blockchain Protocol Users; Polygon, USD Coin Among Stolen Assets

Photo Credit: Pixabay/ Gerd Altmann

The attackers converted the different crypto assets into 208 Ether tokens worth Rs. 4.5 crore.

Highlights

Polygon, Tether, USD Coin, and DAI among stolen assets
Hackers exploited vulnerability in LiFi’s smart contract
LiFi is issuing reimbursements to affected wallets

Hack attacks targeting the crypto sector have bubbled up in large numbers lately. Li Finance (LiFi), a blockchain protocol, has become the latest victim of notorious hackers who stole nearly $600,000 (roughly Rs. 4.5 crore) from 29 crypto wallets associated with it. Upon investigation, LiFi found that hackers violated the swapping feature of its smart contract and drained crypto assets from wallets that had given infinite approvals. The attackers converted the different crypto assets into 208 Ether tokens, which amounts to Rs. 4.5 crore at the time of writing.

LiFi describes itself as a crypto swap aggregator that allows people to convert the cryptocurrency they hold, into another crypto asset.

The platform, that was hacked on March 20, had to tentatively disable all swap methods on its protocol. Polygon, USD Coin, Tether, and DAI are among the crypto assets that were stolen by hackers.

US Couple Accused of Stealing BTC in 2016 Bitfinex Hack Now Worth $5 Billion

We are investigating a potential exploit on https://t.co/nlZEnqOyQz smart contract:
0x5a9fd7c39a6c488e715437d7b1f3c823d5596ed1

All swap methods have been disabled until we can lock them down and ensure they are safe for use. We will update you as we find out more.
— LI.FI - Any-2-Any Swaps (:lizard:,:lizard:) (@lifiprotocol) March 20, 2022

Out of the 29 affected wallets, 25 have been reimbursed, the company claimed in its Twitter post. As per CryptoPotato, the collective amount stored in these 25 wallets adds up to $80,000 (roughly Rs. 60 lakh).

For the remaining four wallets that held the majority of the stolen funds, LiFi has extended a special proposal.

Crypto Firm Wormhole Offers $10 Million to Hacker After Losing $322 Million

“We are offering to transform the lost funds into an angel investment into LiFi and, thus, future LiFi tokens under the same terms as our investors in the current funding round. One might see it as an opportunity that would not be possible otherwise with huge upside potential,” LiFi has proposed.

If users decline this option, they would be reimbursed the same way other wallets were.

The company has also claimed that the vulnerability has been fixed.

TLDR:

• ~$600K have been stolen from 29 wallets
• User don't have to do anything
• Bug has been fixed and is already deployedhttps://t.co/fqOxJxDrZs
— LI.FI - Any-2-Any Swaps (:lizard:,:lizard:) (@lifiprotocol) March 21, 2022

In 2021, the centralised elements of the Decentralised Finance (DeFi) protocol were breached by cyber criminals, amounting to over $1.3 billion (roughly Rs. 9,606 crore) in losses, a report by blockchain research firm CertiK had revealed.

DeFi stands for decentralised finance. It is a system that allows financial products to appear on a public blockchain network which is not regulated by a central bank or intermediary.

Last year in August, hackers breached blockchain-based platform Poly Network and extracted more than $600 million (roughly Rs. 4,480 crore) in cryptocurrencies, marking DeFi's biggest hack ever.

In February this year, crypto platform Wormhole Portal lost $322 million (roughly Rs. 2,410 crore) in a hack attack, making it the second largest breach to have hit the DeFi sector.

Around the same time, OpenSea, the world's biggest marketplace for non-fungible tokens (NFTs), also lost hundreds of digital collectibles in a phishing attack over the weekend. The incident has reportedly caused OpenSea losses worth $1.7 million (roughly Rs. 12.5 crore).

Asus India's Arnold Su joins this week's Orbital, the Gadgets 360 podcast, to talk about how the PC maker is planning to grow its presence in the country. Orbital is available on Spotify, Gaana, JioSaavn, Google Podcasts, Apple Podcasts, Amazon Music and wherever you get your podcasts.

Affiliate links may be automatically generated - see our ethics statement for details.

Comments

For the latest tech news and reviews, follow Gadgets 360 on X, Facebook, WhatsApp, Threads and Google News. For the latest videos on gadgets and tech, subscribe to our YouTube channel. If you want to know everything about top influencers, follow our in-house Who'sThat360 on Instagram and YouTube.

Further reading: Cryptocurrency, Hack, LiFi, Li Finance, Hackers, Tether, Polygon, USD Coin, DAI, Ethe

Radhika Parashar

Email Radhika

Radhika Parashar is a senior correspondent for Gadgets 360. She has been reporting on tech and telecom for the last three years now and will be focussing on writing about all things crypto. Besides this, she is a major sitcom nerd and often replies in Chandler Bing and Michael Scott references. For tips or queries you could reach out to her at RadhikaP@ndtv.com. More