Cross-chain protocol LI.FI suffers $8m hack attack

LI.FI, the decentralized protocol used to bridge assets between different networks, appears to have fallen victim to a hacker attack.

LI.FI, the multi-chain liquidity provider that facilitates cross-chain swaps for cryptocurrency exchange Jumper, has reportedly suffered a hacker attack that resulted in total losses of $8 million, as of press time.

Analysts at blockchain research firm Cyvers noted in a post by X on Tuesday morning that the hacker stole more than $8 million, mostly in stablecoins, and converted some of the stolen USD Coin (USDC) and Tether (USDT) into Ethereum (ETH).

Analysts urged LI.FI users to revoke their consent for the protocol and avoid any interaction with the protocol during the ongoing attack. Shortly after the attack, LI.FI told X that “only users who manually set infinite consents appear to be affected.”

This isn’t the first time LI.FI has faced a hacker attack. In March 2022, an unknown attacker exploited a vulnerability in the protocol’s smart contract, resulting in the loss of $600,000 worth of various tokens. A post-mortem update from the LI.FI team stated that the vulnerability was in the swap feature of the LI.FI smart contract, giving the attacker full control over the pre-bridge swap feature.

Founded in 2021 by Max Klenk and Philipp Zentner, the Berlin-based liquidity hub raised $17.5 million in a Series A fundraising event co-led by CoinFund and Superscrypt in April 2023. Other investors including Circle, Factor, Perridon, Theta Capital, Three Point Capital, and Abra also participated in the funding.