DeFi Platform Li.Fi Suffers $9 Million Ethereum and Stablecoin Hack
Li.Fi, a cross-chain DeFi protocol, is believed to have suffered a loss of around $11 million in cryptocurrencies due to an exploit, according to updated information provided by the protocol. This figure was revised from nearly $9 million as initially indicated by the blockchain security firm CertiK earlier on Tuesday.
The exploit targeted a wallet associated with the hack, which contained close to $6 million in Ethereum (ETH) along with various stablecoins. The incident is still under investigation, with indications that it affected certain Li.Fi users who manually adjusted their account settings, as reported by the protocol’s team in a recent statement.
Li.Fi has assured users that the risk has been mitigated and the exploit has been contained. The protocol urged users to take immediate action by using a designated revoke website to address the security breaches identified. Traders can also verify the status of their accounts by visiting scan.li.fi.
Decurity, a crypto security firm, suggested that the exploit likely exploited a vulnerability in the Li.Fi bridge. This vulnerability allowed for an arbitrary call with user-controlled data via the `depositToGasZipERC20()` function in GasZipFacet, which was deployed five days before the incident.
This is not the first security incident for Li.Fi, as a bug in the protocol’s swapping feature led to losses of $600,000 in crypto back in 2022. The protocol conducted a post-mortem analysis of the attack, highlighting the need for ongoing vigilance in the DeFi space.
Li.Fi has been actively addressing the security breaches and has advised users to take necessary precautions to safeguard their assets. The protocol continues to investigate the exploit to prevent similar incidents in the future.
The root cause of the vulnerability is being closely examined by security experts to prevent such incidents from occurring in the future. Li.Fi remains committed to enhancing its security measures to protect user funds and ensure the integrity of the platform.
This incident serves as a reminder of the importance of robust security measures in the DeFi space and the need for constant vigilance to protect user assets from potential threats and vulnerabilities.
