The LI.FI Protocol Exploit: What Went Wrong?

The recent exploit on the decentralized finance (DeFi) platform LI.FI protocol has once again raised concerns about the security measures within the platform. The exploit, amounting to over $8 million, has shed light on the vulnerabilities that exist and the need for better safeguards to protect user funds.

Detection of Suspicious Transactions

Cyvers Alerts was the first to report detecting suspicious transactions within the LI.FI cross-chain transaction aggregator. The team at LI.FI quickly confirmed the breach and issued a statement advising users not to interact with any LI.FI powered applications at that moment. It was emphasized that only users who had set infinite approvals were at risk, while others were safe from the exploit.

According to reports, the hacker managed to steal over $8 million in user funds, with the majority of the stolen assets being stablecoins. The hacker’s wallet contained 1,715 Ether (ETH) valued at $5.8 million, along with USDC, USDT, and DAI stablecoins. The attack involved an arbitrary call with user-controlled data via “depositToGasZipERC20()” in GasZipFacet, which was deployed just five days prior to the exploit.

Insights from Security Firms

Decurity, a crypto security firm, provided insights into the exploit, explaining that the root cause lies in the LI.FI bridge. They highlighted the risks associated with token approvals and emphasized the importance of understanding which tokens users are approving to which contracts. Additionally, they advised users to revoke relevant authorizations immediately to prevent further losses.
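The approval review advised above can be sketched as follows. This is an added example, not code from LI.FI or Decurity: it replays ERC-20 Approval event logs to list the allowances a wallet still has open to one spender contract and marks the infinite ones. The function names, the log dictionary layout (as returned by a typical eth_getLogs query) and every address in the sample data are assumptions made for illustration.

```python
# Added example (not LI.FI's code): find allowances an owner still has open to one spender.
# topic0 of the ERC-20 event Approval(address indexed owner, address indexed spender, uint256 value)
APPROVAL_TOPIC = "0x8c5be1e5ebec7d5bd14f71427d1e84f3dd0314c0f7b2291e5b200ac8c7c3b925"
MAX_UINT256 = 2**256 - 1
MAX_UINT96 = 2**96 - 1  # some tokens store allowances as uint96 and log this as "unlimited"

def topic_to_addr(topic):
    """Indexed addresses are left-padded to 32 bytes; keep the low 20 bytes."""
    return "0x" + topic[-40:].lower()

def outstanding_approvals(logs, owner, spender):
    """Return {token: allowance} for non-zero allowances owner -> spender.

    Logs must be in chain order: a later Approval overwrites an earlier one,
    so approve(spender, 0) clears the entry. Event replay is only a lead;
    allowance() on chain is authoritative because transferFrom can reduce it.
    """
    owner, spender = owner.lower(), spender.lower()
    latest = {}
    for log in logs:
        topics = log["topics"]
        # ERC-721 Approval has the same topic0 but four topics; skip it.
        if len(topics) != 3 or topics[0].lower() != APPROVAL_TOPIC:
            continue
        if topic_to_addr(topics[1]) == owner and topic_to_addr(topics[2]) == spender:
            latest[log["address"].lower()] = int(log["data"], 16)
    return {token: value for token, value in latest.items() if value > 0}

def unlimited(allowances):
    """Tokens whose open allowance is the 'infinite approval' sentinel."""
    return sorted(t for t, v in allowances.items() if v in (MAX_UINT256, MAX_UINT96))

# --- constructed sample data; every address below is a placeholder ---
def approval_log(token, owner, spender, value):
    pad = lambda a: "0x" + "0" * 24 + a[2:]
    return {"address": token, "topics": [APPROVAL_TOPIC, pad(owner), pad(spender)],
            "data": hex(value)}

OWNER, ROUTER, OTHER = ("0x" + b * 20 for b in ("aa", "bb", "cc"))
TOKEN_A, TOKEN_B, TOKEN_C = ("0x" + d * 40 for d in "123")
SAMPLE_LOGS = [
    approval_log(TOKEN_A, OWNER, ROUTER, MAX_UINT256),  # infinite, still open
    approval_log(TOKEN_B, OWNER, ROUTER, MAX_UINT256),  # infinite ...
    approval_log(TOKEN_B, OWNER, ROUTER, 0),            # ... later revoked
    approval_log(TOKEN_C, OWNER, OTHER, MAX_UINT256),   # different spender
    approval_log(TOKEN_C, OWNER, ROUTER, 500),          # bounded allowance
]

if __name__ == "__main__":
    open_allowances = outstanding_approvals(SAMPLE_LOGS, OWNER, ROUTER)
    print("revoke first:", unlimited(open_allowances))
    print("all open:", open_allowances)
```

Revoking an entry means sending approve(spender, 0) from the owner wallet for each token the function reports.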

Similarities to Previous Attacks

Further analysis by PeckShieldAlert revealed that the vulnerability exploited in the recent attack is similar to the one used in a previous attack on LI.FI’s protocol that occurred earlier in the year. The previous incident also involved a bad actor exploiting the smart contract’s swapping feature before bridging, resulting in the theft of approximately 205 ETH from 29 wallets.

The recurrence of a similar exploit raises questions about LI.FI’s security measures and whether adequate steps were taken to address the vulnerabilities identified in the previous breach. Following the 2022 incident, LI.FI disabled all swap methods in its smart contract and worked on developing a fix to prevent future vulnerabilities. However, the recent exploit indicates that more needs to be done to safeguard user funds.

The recent exploit on the LI.FI protocol highlights the importance of robust security measures within decentralized finance platforms. It is crucial for platforms like LI.FI to continuously assess and improve their security protocols to protect user funds from malicious actors. The repeated security incidents point to the need for greater vigilance and proactive steps to prevent future breaches.
