Hackers siphoned substantial amounts of USDC and USDT from LIFI. Credit: Jakub Porzycki, NurPhoto via Getty Images
Share
Key Takeaways
LIFI recently experienced a major cyberattack.
The platform responded by securing their system and promising refunds to affected users.
The incident reflects persistent security challenges, mirroring a similar hack in 2022.
LIFI, a well-known cross-chain blockchain protocol, was hacked on July 16. The exploit resulted from a smart contract update that inadvertently introduced a vulnerability due to human error.
Approximately 153 exchange wallets were impacted, leading to the loss of nearly $12 million in USDC, USDT, and DAI stablecoins.
LIFI Protocol Swiftly Contains Security Breach
On July 18, a few days after the exploit, the LIFI protocol team released an incident report outlining their response to the breach. The report detailed how they promptly acted on their incident response plan and deactivated the compromised component across all chains.
The team opined that its rapid detection and response were crucial in minimizing further losses and securing the network from additional vulnerabilities.
“Upon detecting the security breach, our team immediately activated the incident response plan, successfully disabling the vulnerable facet across all chains. This action contained the threat and prevented any further unauthorized access.”
Human Error in Deployment Blamed for Lost User Funds
According to the report, the vulnerability stemmed from a flaw in transaction validation linked to the protocol’s use of the widely employed LibSwap code library. This library, integral to numerous decentralized exchanges and DeFi protocols, was affected by a human error during the protocol’s deployment process.
— Crypto economy (EN) (@CryptoEconomyEN) July 18, 2024
Security firm Decurity linked the root cause of the breach to a recent update to one of LIFI’s smart contracts.
LIFI is now working to help users recover their funds. The team is collaborating with authorities and web3 security experts to support their recovery efforts.
The protocol team has contacted the affected wallet holders and asked them to complete a specific form to enable direct communication. “Your cooperation is crucial,” LIFI stated, underscoring the importance of user involvement in resolving the situation.
Urgent Response to the Hack
CyversAlerts first sounded the alarm on the exploit, recommending that LIFI users revoke their approvals. The cybersecurity platform first detected the breach on the Ethereum blockchain and noted that it had expanded to the Arbitrum network.
During the attack, hackers stole massive amounts of USDC and USDT. Soon after, the attackers attempted to convert the stablecoins to Ether.
Following CyverAlerts’ report, LIFI confirmed the breach and urged all its users to stop using its services immediately. The DeFi platform set up a special website that recommended all users temporarily revoke contract approvals until they could “further investigate.”
LIFI linked the vulnerability to wallets with infinite approvals. The platform confirmed that only a small number of users were affected.
A smart contract exploit earlier today has been contained and the affected smart contract facet disabled.
There is currently no further risk to users.
The only wallets affected were set to infinite approvals, and represented only a very small number of users.
At the time of writing, LIFI confirmed that its platform was operational and the exploit had been resolved. The DeFi platform stated that it was working with law enforcement and industry participants to trace and recover the stolen funds.
Call for Help Amidst the Turmoil
Amidst the chaos of this hack, reports surfaced on social media of users frantically seeking assistance, highlighting the widespread confusion and concern caused by the hack, as in the case of X user MelGP.
Credit: X
With apprehensions growing, LIFI assured users that it would “refund all affected users the full balance lost during the exploit.”
Not LIFI’s First Rodeo
This isn’t the first time LIFI has faced security issues. On X, Peckshield highlighted a similar attack that occurred in March 2022.
While analyzing today's @lifiprotocol hack, we notice an earlier hack on the same protocol on March 20, 2022.
The blockchain security platform noted that hackers exploited a similar vulnerability two years ago and pocketed over $600,000 from 29 wallets. LIFI managed the situation by refunding affected users and attempting to negotiate with the hacker.
Whether LIFI has learned from its previous attacks remains an open question. However, the platform’s repeated security breaches stress the need for better security measures and auditing to prevent such attacks from occurring.
Dr. Lorena Nessi is an award-winning journalist and media technology expert with 15 years of experience in digital culture and communication. Based in Oxfordshire, UK, she combines academic insight with hands-on media practice.
She holds a PhD in Communication, Sociology, and Digital Cultures, and an MA in Globalization, Identity, and Technology.
Lorena has taught at Fairleigh Dickinson University, Nottingham Trent University, and the University of Oxford. She is a former producer for the BBC in London, with additional experience creating television content in Mexico and Japan.
Her research focuses on digital cultures, social media, technology, capitalism, and the societal impact of blockchain innovation.
She has written extensively on digital media and emerging technologies, with her work featured in both academic and media platforms. Her Web3 expertise explores how blockchain technologies shape culture, economics, and decentralized systems.
Outside of work, Lorena enjoys reading science fiction, playing strategic board games, traveling, and chasing adventures that get her heart racing. A perfect day ends with a relaxing spa and a good family meal.
