LiFi Protocol loses over $8M in a cyberattack - CoinJournal
07/16/2024 20:55LiFi Protocol, a vital API facilitating swaps between Ethereum virtual machine (EVM) and Solana (SOL), has fallen victim to a devastating cyberattack.
- LiFi Protocol has been breached and $8M have been drained so far.
- Cyvers Alerts advises revoking approvals for 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae.
- Attackers are converting USDC and USDT to ETH, emphasizing DeFi security risks.
LiFi Protocol, a vital API facilitating swaps between Ethereum virtual machine (EVM) and Solana (SOL), has fallen victim to a devastating cyberattack.
Reports from Cyvers Alerts indicate that hackers have exploited a specific contract address associated with LiFi Protocol, leading to the theft of more than $8 million in cryptocurrencies, predominantly stablecoins.
The breach was detected when Cyvers Alerts flagged suspicious transactions linked to the address 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae on LiFi Protocol.
🚨ALERT🚨@lifiprotocol, Our system has raised suspicious transactions involving your https://t.co/3LzbDK99Ed
We recommend users to revoke their approvals for: 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae
More than $8M have been drained so far from users and mostly stablecoins!… pic.twitter.com/zsj9DZWnpU
— 🚨 Cyvers Alerts 🚨 (@CyversAlerts) July 16, 2024
LiFi Protocol attackers leveraged user approvals
According to Meir Dolev, co-founder and CTO at Cyvers, the attackers have leveraged user approvals linked to this address to drain assets stored within smart contracts and connected wallets.
The attackers have predominantly converted USDC and USDT tokens into ETH, exacerbating the financial impact of the breach.
In response to the breach, Cyvers Alerts has urgently advised users to revoke any approvals granted to the compromised address. This precautionary measure aims to mitigate further losses within the LiFi Protocol ecosystem.
Cyvers Alerts continues to monitor the situation closely, with ongoing updates anticipated as investigations progress.
The incident underscores the persistent vulnerability of decentralized financial platforms to sophisticated cyber threats. It serves as a stark reminder of the importance of robust security measures and vigilant user oversight in safeguarding digital assets within blockchain ecosystems.