Fun

Li.Fi releases incident report following $11M hack

News Feed - 2024-07-19 04:07:26

Vince Quill13 hours agoLi.Fi releases incident report following $11M hackThe team also announced it was working on a voluntary compensation plan to reimburse 100% of funds to users affected by the exploit.848 Total views5 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksFollowing the $11.6 million exploit of the Li.Fi protocol, an API used to bridge and swap digital assets across blockchains, the Li.Fi team released an update outlining the technical details of the breach.


According to the security update, the deployment of a new smart contract facet was ground zero forthe malicious attack. A vulnerability in the code allowed users calling the smart contract to initiate calls to any contract without prior validation.


This function is a result of code taken from the LibSwap library, used to facilitate calls between decentralized exchanges, service providers, and clients to coordinate the asset bridging and swapping processes.


Normally, these calls are screened against whitelisted addresses to ensure validation. However, Li.Fi explained that human error in deploying the offending smart contract facet was the root cause of the vulnerability exploited by the malicious actor.


The Li.Fi team confirmed the attack occurred on the Ethereum and Arbitrum networks and affected 156 wallets with the “infinite approvals” option turned on. Users without this option turned on were not affected by the exploit.Source: Li.Fi protocol


In statements to Cointelegraph, spokespeople for Li.Fi said they contained the exploit, addressed the critical vulnerability, and contacted the proper law enforcement authorities to trace stolen funds. At the time of this writing, the issue has been fixed, and Li.Fi is operating normally.


Related: Lazarus is moving millions from $305M DMM Bitcoin hack — ZachXBTNot the first time


In March 2022, Li.Fi was hit by a similar exploit affecting users with the “infinite approval” option turned on. The hackers drained $600,000 from the protocol from 29 wallets before the vulnerability was addressed.


The protocol was quick to reimburse investors for their losses, refunding 24 wallets directly from its treasury and offering the remaining five wallets a voluntary compensation plan akin to that received by early angel investors of Li.Fi.Crypto hacks put the damper on the industry in 2024


Unfortunately, hacks and exploits continue to plague the crypto industry and the decentralized financial sector, in particular.A chart comparing 2022-2024 losses from crypto hacks. Source: TRM.


According to a recent report from security firm Cyvers, 2024 losses from crypto exploits are nearing $1.4 billion, driven primarily by phishing attacks, and have risen sharply since 2023.


Magazine: Best and worst countries for crypto taxes — plus crypto tax tips# Blockchain# Business# Security# Cybersecurity# Hacks# DeFiAdd reaction

News Feed

Integritee Co-Founder Alain Brenzikofer Explains How to Attract Enterprises to Use a Public Blockchain
Integritee Co-Founder Alain Brenzikofer Explains How to Attract Enterprises to Use a Public Blockchain In development since 2018, Integritee AG’s solution enables sensitive
Major Korean Banks Back Bitcoin Startup Coinplug’s $6.4 Million Round
Coinplug, one of the earliest bitcoin exchange, wallet and payment startups in South Korea, has raised 7.5 billion won, or $6.4 million, from venture arms of major local financial institutions.
OKX Ventures invests in Web3 ‘play ARPG to train AI’ game Blade of God X
Tristan Greene7 hours agoOKX Ventures invests in Web3 ‘play ARPG to train AI’ game Blade of God XThe game is currently available in early access on the Epic Games Store.1142 Total views5 Total sharesListen to article
Turner Wright2 hours agoSEC pushes deadline for ARK 21Shares spot Bitcoin ETF to JanuaryThe commission gave itself an additional 60 days to consider the listing of ARK 21Shares’ investment vehicle on the Cboe BZX Excha
Devs Send the First Dogecoin Transaction Without Internet via Radio Doge
Devs Send the First Dogecoin Transaction Without Internet via Radio Doge According to Dogecoin developer Michi Lumin, a DOGE transaction was sent via radio using a protocol called
20000% in One Minute on Play to Earn Game Tothesmart
20000% in One Minute on Play to Earn Game Tothesmart press release PRESS RELEASE.The crypto enthusiast has got 10,032 BUSD into their wallet by buying virtual miners in the Play To
Celsius Files for Bankruptcy — Regulator Says the Crypto Lender Is ‘Deeply Insolvent’
Celsius Files for Bankruptcy — Regulator Says the Crypto Lender Is "Deeply Insolvent" Another crypto lender, Celsius Network, has sought bankruptcy protection in the U.S. “
Elisha Owusu Akyaw7 hours agoHashing It Out: MobileCoin CEO says crypto must make space for more womenSara Drakeley says crypto has a reputation for being a ”bro space” and urges the industry to make provisions that
CoinDCX crypto exchange acquires BitOasis, expands into MENA region
Josh O"Sullivan12 hours agoCoinDCX crypto exchange acquires BitOasis, expands into MENA regionCoinDCX’s acquisition of BitOasis opens new opportunities in the Middle East and ensures regulated and secure trading.1593 T
Chainlink aims to bolster cross-chain security via Transporter
Zoltan Vardai8 hours agoChainlink aims to bolster cross-chain security via TransporterChainlink aims to make cross-chain bridges, which account for nearly 50% of all value lost to DeFi exploits, more secure.515 Total vie
OpenAI set off an arms race and our security is the casualty
Dr. Merav Ozair3 hours agoOpenAI set off an arms race and our security is the casualtyRecent research found that ChatGPT, as well as Google"s Gemini and Microsoft"s Copilot are rife with security vulnerabilities — so s
Alchemy Pay Adds Euros Pay-in Offerings via Paytend
Alchemy Pay Adds Euros Pay-in Offerings via Paytend press release PRESS RELEASE. Singapore, February 2022 – Leading fiat and crypto payment solutions provider, Alchemy Pay (A