According to blockchain security firm PeckShield, Berlin-based cryptocurrency trading aggregator LI.FI has been drained of $8 million.
In a post on X social media platform, the cryptocurrency start-up warned users against interacting with any applications powered by LI.FI for the time being.
The project's team is currently in the process of investigating a potential exploit.
If you did not set infinite approval, you are not at risk. "Only users that have manually set infinite approvals seem to be affected," it added.
Alex DovbnyaDEX trading platform Oku Trade announced that it has temporarily disabled LI.FI from Oku Bridge.
This is not the first time that LI.FI has experienced a security breach. In March 2022, roughly $600,000 worth of USDC, MATIC, AAVE and other tokens were stolen from 29 wallets.
In fact, according to PeckShield, the bug is "basically the same" this time around, meaning that the project has not learned from its previous mistakes.
Back in 2022, the hacker managed to steal hundreds of thousands of dollars by exploiting the protocol's prebridge swapping feature. The funds were stolen with a single transaction. "The attacker started by passing a legitimate swap of a small amount followed by multiple calls directly to various token contracts," the project explained.
The start-up claimed that the attack took place due to its inability to finish the audit earlier. It added that its security measures had to be "drastically" improved.
Back in July 2022, LI.FI secured $5.5 million worth of funding from the likes of Coinbase and Lattice Capital.
In May 2023, it introduced a decentralized exchange aggregator as well as a token bridge.
Disclaimer: The opinions expressed by our writers are their own and do not represent the views of U.Today. The financial and market information provided on U.Today is intended for informational purposes only. U.Today is not liable for any financial losses incurred while trading cryptocurrencies. Conduct your own research by contacting financial experts before making any investment decisions. We believe that all content is accurate as of the date of publication, but certain offers mentioned may no longer be available.
Dan Burgin
Vladislav Sopov