The developers of the protocol disclosed the details of the incident and assured that the vulnerability exploited by the attacker was detected and fixed.
A hacker took advantage of a vulnerability in the smart contract of the Li Finance project and stole $600,000 worth of cryptocurrency from the wallets of 29 users. The attack was carried out at 05:51 Moscow time on March 20, the attacker managed to steal 10 different altcoins, including USD Coin, Polygon, Rocket Pool, Gnosis, Tether, Metaverse Index, Audius, AAVE, Jarvis Reward Token, and DAI. The project team reported the incident on a Twitter account. The state of emergency became known 12 hours after the attack, at 17:15 Moscow time, after which all exchange functions on the platform were disabled. On March 21, the team published details of what happened on the blog.
It is known that the hacker exchanged the stolen tokens for 205 Ethereum worth approximately $600,000. As of March 21, the cryptocurrency remains in the hacker's wallet. Li Finance claims to have discovered and fixed the vulnerability that caused the hack.
Of the 25 wallets, the funds were refunded. However, they accounted for only $80,000 in cryptocurrency or 13% of the total. Project leaders contacted the owners of the remaining addresses, who lost about $517,000, and offered them a compensation plan. The Li Finance team also contacted the hacker and offered him a reward for returning the stolen funds.
No comments:
Post a Comment