Li.Fi Suffers $11 Million DeFi Exploit
Li.Fi, a popular cross-chain DeFi protocol, has been hit by a security exploit resulting in the loss of over $10 million in cryptocurrencies. The incident is a stark reminder of the ongoing security challenges faced by DeFi platforms.
What Happened?
On July 16th, a vulnerability in Li.Fi’s bridge was exploited, allowing hackers to steal crypto assets. The attack primarily targeted users who had granted “infinite approval” permissions to the Li.Fi protocol. This setting essentially gives unlimited access to user funds, creating a significant security risk.
Impact and Response
Li.Fi quickly disabled the affected smart contract and claimed to have contained the exploit. The team urged users to revoke approvals for specific addresses linked to the hack. Tools like Revoke.cash can be used for this purpose. This incident is a setback for Li.Fi, following a similar exploit in 2022 that resulted in $600,000 in losses.
Lessons Learned
The Li.Fi hack emphasizes the critical importance of user vigilance in DeFi. Avoiding “infinite approval” settings and regularly reviewing permissions are crucial steps to protecting your assets. DeFi platforms must prioritize robust security measures to build user trust and confidence in the ecosystem.
What This Means for You
If you use Li.Fi, check your account settings and revoke any unnecessary approvals. Be cautious about granting “infinite approval” permissions to any smart contract. Stay informed about security developments within the DeFi space.
