VERDICT —UNRATED
Verdict pending. Auto-ingested incidents are reviewed before a public verdict is rendered.
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
According to official reports, attackers exploited Li.finance’s smart contracts and managed to steal around $600,000 (currently worth $587,500 or 205 ETH) from 29 wallets. Attackers took various tokens from users’ wallets, including USDC, MATIC, RPL, GNO, USDT, MVI, AUDIO, AAVE, JRT, and DAI. The project team has found the vulnerability and created a fix, compensating most of the affected users in less than 18 hours. Attack method (per SlowMist): Contract Vulnerability. Reported loss: $ 600,000.
Sourced from
slowmist
Technical record
- chain
- —
- protocol
- Li.finance
- bug_class
- logic
- date_occurred
- 2022-03-20
- loss_usd
- $600,000
- source_id
- sm:li-finance::2022-03-20
Related — same bug class· logic