0
0
Bridging Protocol LI.FI Hit by Exploit
The protocol saw more than $10M in user funds drained due to a 'call injection' exploit.
0
0
Cross-chain blockchain protocol LI.FI has lost $11.6 million in an exploit, but says operations are now back to normal.
What's the scoop?
- User Advisory: The team has asked users to avoid the protocol and revoke permissions if you have set unlimited permissions on tokens through LI.FI or Jumper Exchange.
- Recurring Issues: Security firm Peckshield alleges a similar attack affected LI.FI in 2022.
- Security Measures: LI.FI advises users to use a site like Revoke.Cash to revoke permissions as soon as possible. (Learn how to use Revoke Cash here.)
Bankless Take:
This LI.FI exploit is another painful reminder of the importance of constant onchain vigilance and the need for diligent security practices. The hack originated from a new contract deployed five days ago to pay gas fees on Ethereum. While the LI.FI team has already sprung into action and is working with law enforcement to hopefully recover the funds, we should all take this as a lesson to regularly review and revoke unnecessary onchain permissions to safeguard our bags.
Jumper chads!@jumperexchange is SAFE TO USE.
— Jumper (@JumperExchange) July 16, 2024
Incident has been contained and Jumper is safe and operational! 🫡