The LI.FI protocol, a decentralized finance (DeFi) platform, recently fell victim to an exploit that resulted in over $8 million being stolen. The incident has once again brought to light the vulnerabilities present in DeFi platforms and the need for stronger security measures to protect user funds.
Exploit Detection and Confirmation
Cyvers Alerts first reported detecting suspicious transactions within the LI.FI cross-chain transaction aggregator. LI.FI later confirmed the breach in a statement on July 16, urging users not to interact with any LI.FI powered applications. The team revealed that only users who had set infinite approval seemed to be affected by the exploit, but reassured those who did not set such approvals that they were not at risk.
According to reports, the hacker managed to steal more than $8 million in user funds, primarily consisting of stablecoins. The hacker’s wallet was found to hold 1,715 Ether (ETH) valued at $5.8 million along with USDC, USDT, and DAI stablecoins. Cyvers Alerts advised users to revoke relevant authorizations immediately to prevent further loss of funds.
Crypto security firm Decurity provided insights into the exploit, pointing out that it involved the LI.FI bridge. The root cause was identified as the possibility of an arbitrary call with user-controlled data via depositToGasZipERC20() in GasZipFacet. Decurity stressed the importance of understanding token approvals and recommended using tools like Revoke Cash to manage approvals securely.
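The following is an added example, not code from LI.FI, Decurity or the original article: an offline audit that replays ERC-20 Approval event logs and lists the owners whose most recent approval to a given spender is still unlimited, which is the condition the team said determined exposure. All addresses and log entries are constructed placeholders, and the cutoff for "unlimited" is an assumption.

```python
# keccak256("Approval(address,address,uint256)"), the ERC-20 Approval event signature
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
UNLIMITED_THRESHOLD = 2**255  # assumption: anything this large is effectively infinite

def topic_to_address(topic):
    """Indexed address topics are 32 bytes, left-padded; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def standing_unlimited_approvals(logs, spender):
    """Replay Approval logs in chain order and return {(token, owner): amount}
    for owners whose latest approval to `spender` is still unlimited."""
    spender = spender.lower()
    latest = {}
    for log in sorted(logs, key=lambda l: (l["blockNumber"], l["logIndex"])):
        topics = log["topics"]
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue  # ERC-721 Approval shares the signature but has 4 topics
        if topic_to_address(topics[2]) != spender:
            continue
        amount = int(log["data"], 16) if log["data"] not in ("", "0x") else 0
        # A later approve(spender, 0) overwrites the earlier entry, i.e. a revocation.
        latest[(log["address"].lower(), topic_to_address(topics[1]))] = amount
    return {k: v for k, v in latest.items() if v >= UNLIMITED_THRESHOLD}

def _log(block, idx, token, owner, spender, amount):
    """Build a constructed log entry shaped like an eth_getLogs result."""
    pad = lambda a: "0x" + a[2:].rjust(64, "0")
    return {"blockNumber": block, "logIndex": idx, "address": token,
            "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": "0x" + format(amount, "064x")}

# Constructed placeholder addresses (not real contracts or wallets).
ROUTER, OTHER = "0x" + "aa" * 20, "0x" + "bb" * 20
TOKEN = "0x" + "c0" * 20
ALICE, BOB, CAROL, DAVE = ("0x" + f"{n:02x}" * 20 for n in (1, 2, 3, 4))

SAMPLE_LOGS = [  # deliberately out of order: Bob's revocation is listed first
    _log(120, 0, TOKEN, BOB, ROUTER, 0),             # Bob revokes later on chain
    _log(100, 3, TOKEN, ALICE, ROUTER, MAX_UINT256),  # still standing
    _log(101, 1, TOKEN, BOB, ROUTER, MAX_UINT256),
    _log(102, 0, TOKEN, CAROL, ROUTER, 1_000),        # exact-amount approval
    _log(103, 5, TOKEN, DAVE, OTHER, MAX_UINT256),    # different spender
]

if __name__ == "__main__":
    for (token, owner), amt in standing_unlimited_approvals(SAMPLE_LOGS, ROUTER).items():
        print(f"owner {owner} has unlimited approval on token {token}")
```

The amount recovered from logs is the last value approved, not the live allowance, so confirm with the token's allowance() call before and after revoking.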
Further analysis by PeckShield alert revealed that the vulnerability in the recent exploit was similar to a previous attack on LI.FI’s protocol that occurred on March 20, 2022. Following the earlier incident, LI.FI disabled all swap methods in its smart contract and worked on developing a fix to prevent future vulnerabilities. However, the recurrence of a similar exploit raises questions about the effectiveness of the platform’s security measures.
The recent exploit on LI.FI protocol highlights the ongoing challenges faced by DeFi platforms in ensuring the security of user funds. The attack serves as a reminder of the importance of implementing robust security measures and regularly auditing smart contracts to identify and address potential vulnerabilities. Users are urged to exercise caution when interacting with DeFi platforms and to stay informed about the risks involved in decentralized finance.