- LiFi protocols have been breached, causing $8 million to be lost so far.
- Cyber Alerts recommends revoking approval for 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae.
- Attackers are switching USDC and USDT to ETH, highlighting DeFi security risks.
The LiFi protocol, a critical API that facilitates swaps between the Ethereum Virtual Machine (EVM) and Solana (SOL), has been hit by a destructive cyberattack.
According to a report by Cyber Alerts, hackers were able to steal $8 million worth of cryptocurrencies, primarily stablecoins, by exploiting specific contract addresses associated with the LiFi protocol.
The breach was detected when Cyber Alerts flagged suspicious transactions associated with the 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae address in the LiFi protocol.
🚨Notification🚨@RepiprotocolOur system has detected a suspicious transaction involving your https://t.co/3LzbDK99Ed.
Users are advised to revoke authorization for: 0x1231deb6f5749ef6ce6943a275a1d3e7486f4eae
So far, over $8 million has been lost from users and most stablecoins!… pic.twitter.com/zsj9DZWnpU
— 🚨 Cyber Alerts 🚨 (@CyversAlerts) July 16, 2024
LiFi protocol attackers leverage user authentication.
According to Mayer Dolev, co-founder and CTO of Cyvers, the attackers used user authorization associated with this address to drain assets stored in wallets linked to smart contracts.
The attackers primarily converted USDC and USDT tokens to ETH, further exacerbating the financial impact of the breach.
In response to the breach, Cyber Alerts urgently advised users to revoke all authorizations granted to the compromised addresses. This precautionary measure aims to mitigate further losses within the LiFi protocol ecosystem.
Cyber Alerts continues to closely monitor the situation and expect continued updates as the investigation continues.
This incident highlights the continued vulnerability of decentralized financial platforms to sophisticated cyber threats, and serves as a stark reminder of the importance of robust security measures and vigilant user oversight in protecting digital assets within the blockchain ecosystem.