In the last few hours, the DeFi protocol LiFi has been hit by a huge $8M exploit. The attacker took advantage of vulnerabilities in LiFi’s smart contracts. The attacker manipulated transactions and drained millions of funds. This significant breach has highlighted several security flaws within LiFi’s system.
Blockaid Identifies LiFi Attacker Tricked Proxy Contracts
Blockaid, a leading security company, provided insights into the attack. As per a detailed investigation by Blockaid, the hacker found a bug in one of LiFi’s proxy contracts which act as a bridge between the platform and its users. This misuse of the proxy contract allowed the culprit to steal funds. By executing a series of transactions, the attacker inflated token prices. Ultimately, he managed to withdraw a large sum of money. Consequently, it caused substantial financial damage to LiFi.
The fact which makes this incident more shocking is that the platform had cleared security audits. It means that decentralised finance-related platforms must select those security firms which can track suspicious activities and mitigate the risks timely.
The CEO of Blockaid, Ido Ben-Natan, also shared his thoughts on this incident.
“The recent $8 million exploit on the LiFi protocol underscores the critical need for robust security measures in DeFi space. According to our analysis, this attack was made possible due to a bug in one of LiFi’s proxy contracts – a contract that acts as a middleman between users and the protocol – that allowed them to trick it into sending unauthorized transfer commands and siphon users’ funds.
This incident shows, again, why security audits can no longer be deemed as good enough – projects must complement these with security systems that detect exploits and attacks ahead of time, to mitigate the risk of vulnerabilities that audits overlook.
At Blockaid, we collaborate with DeFi platforms to prevent and mitigate such attacks. Our goal is to enhance the security landscape and protect users from the growing threats in the DeFi ecosystem by implementing security systems that are proactive, work in real-time, and can deploy defenses dynamically.”
$8M LiFi Exploit Highlights DeFi Security Needs
The attacks involved a drainer kit connected to the Inferno drainer group. The on-chain addresses involved in the attack are 0x0000c1c0a9087688bf6f0dfec2f385ebf18b0000 and 0x000037bb05b2cef17c6469f4bcdb198826ce0000. The second major weakness that was leveraged by the attackers was in the proxy implementation. Due to this flaw, the attackers were able to inject function calls into the contracts and execute transfers from calls on the approved users. An example of this exploit can be observed in the deposit to GasZipERC20 function of the hacked contract.
Indeed, due to the measures of security that Blockaid provides, such platforms as MetaMask, Coinbase, and Zerion were able to defeat this attack and prevent their users to become victims of a scam. These platforms did not waste time in doing this and made sure that the assets of the users, when they signed up in the ecosystem, were safe and that trust was maintained.
Finally, the $8 million hack on the LiFi platform showed that strict protection measures are necessary in the sphere of DeFi. Though LiFi became the subject of such an evolved attack, actions by Blockaid and other platforms denied users a flood of dangers. This case showed that it is still necessary to be careful and adhere to high levels of security even in such an actively growing and evolving area as decentralized finance.
