The developers of the protocol disclosed the details of the incident and assured that the vulnerability exploited by the attacker was detected and fixed.
A hacker took advantage of a vulnerability in the smart contract of the Li Finance project and stole $600,000 worth of cryptocurrency from the wallets of 29 users. The attack was carried out at 05:51 Moscow time on March 20, the attacker managed to steal 10 different altcoins, including USD Coin, Polygon, Rocket Pool, Gnosis, Tether, Metaverse Index, Audius, AAVE, Jarvis Reward Token and DAI.
The project team reported the incident to Twitter account. The state of emergency became known 12 hours after the attack, at 17:15 Moscow time, after which all exchange functions on the platform were disabled. At 5:50 Moscow time on March 21, the team published details of what happened on the blog.
It is known that the hacker exchanged the stolen tokens for 205 Ethereum worth approximately $600,000. As of March 21, 09:55 Moscow time, the cryptocurrency remains on the attacker’s wallet. Li Finance claims to have discovered and fixed the vulnerability that caused the hack.
Of the 25 wallets, the funds were refunded. However, they accounted for only $80,000 in cryptocurrency, or 13% of the total. Project leaders contacted the owners of the remaining addresses, who lost about $517,000, and offered them a compensation plan. The Li Finance team also contacted the hacker and offered him a reward for returning the stolen funds.
“Bitcoin will continue to rise.” Analysts assessed the prospects of cryptocurrency
— The main mistakes of beginners: how to lose money on cryptocurrency
— Investment idea: buying an Alice token in anticipation of an early rise in the rate
— Cryptobot exchanged tokens worth $45 for $2.6 million in Ethereum
Fraudsters started sending hundreds of millions of dollars worth of Nike tokens
You will find more news about cryptocurrencies in our RBC-Crypto telegram channel.