Back to blog

Li Finance: $600,000 lost in latest DeFi exploit

By:

loading

SCORECHAIN

Date: March 24th 2022

Published on: Global News

Tags:

AML, crypto AML, Crypto Compliance, Cryptocurrency, Cryptoregulation, Decentralized Finance, DeFi, hack, RiskAML, Virtual asset,

Li Finance: $600,000 lost in latest DeFi exploit

An attacker struck another decentralized finance (DeFi) protocol this week. On Monday, Li Finance announced the exploit of its smart contract resulting in the loss of $600,000 worth of funds.

Li Finance exploit: what happened?

On March 20, the attacker exploited a vulnerability in LI.FI smart contract to pull off Li Finance exploit as announced in a post mortem on Li Finance’s website. 

Indeed, the attacker took advantage of a vulnerability in LI.FI smart contract’s swapping feature. As a result, the attacker has been able to drain 29 wallets that allowed “infinite approval” to the exploited contract. Li Finance’s reacted swiftly after it heard about the exploit and disabled swapping functions and default infinite approval of the protocol.

However, the Li Finance team already reimbursed 25 users out of 29. The team offered an “alternatively normal reimbursement” to the remaining users. The team, who is currently working on a fix, also announced it had contacted the attacker.

Screenshot of the message left by Li Finance team to the attacker on Etherscan
Message left by Li Finance team to the attacker, source: Etherscan

Analysis of Li Finance exploit

Li Finance’s exploit took place on March 20, at 02:51 am UTC. The attacker transferred $600,000 from 29 wallets to another wallet (0x878099F08131a18Fab6bB0b4Cfc6B6DAe54b177E) in one transaction.

First, the attacker stole various tokens. For instance:

  • 202,012 units of USDT;
  • 368,745 units of USDC;
  • 8.9 units of AAVE;
  • 8,421 units of DAI.

Then, the attacker swapped the stolen tokens for ETH on a decentralized exchange (DEX) platform as shown below in our Exploration Tool.

Screenshot of Scorechain's Exploration Tool displaying Li Finance exploit's transactions
Visualization of the swaps in Scorechain’s Exploration Tool

In total, the attacker swapped the tokens for 205 units of ETH which is currently worth $600,000+. Scorechain’s team already red-flagged the address as “hack” which now has a low Risk-AML score. For now, the funds still sit in the attacker’s wallet but the team will keep monitoring the address closely.

Screenshot of red flagged Li Finance exploit address on Scorechain's platform
Flagged address related to Li Finance hack on Scorechain Ethereum Analytics

The Li Finance exploit is reminding of what happened with the Poly Network hack, the largest DeFi hack to date. In the same manner, Poly Network’s attacker exploited a vulnerability in the smart contract resulting in the loss of hundreds of millions of dollars. However, Poly Network’s attacker eventually returned all the funds.

DeFi and cryptocurrency platforms are often targeted by hackers. In the last couple of years, governments worldwide have started to implement cryptocurrency regulations to protect investors from such illegal actions. Hacked and stolen funds are to be taken into account very carefully. Indeed, they represent an increased risk in money laundering (ML) and terrorism financing (TF). Cryptocurrency regulations also require virtual asset service providers (VASPs) to mitigate ML and TF risks.

Cryptocurrency AML compliance with blockchain analytics

Today, one of the major problems that VASPs are facing is the increasing number of regulatory frameworks for virtual assets (VAs). Indeed, it takes time and resources to implement every requirement mandated by such regulations. From KYC to transaction monitoring and reporting, VASPs are spending a lot of resources to comply with them.

However, ensuring compliance with cryptocurrency AML regulations is of utmost importance for VASPs. It allows them to avoid fines, penalties, or even a license suspension for instance. To help VASPs in their crypto compliance process, blockchain analytics is very useful as it saves time and makes the transaction monitoring process a lot easier.

Interested in finding a partner providing blockchain analytics tools to help you in your crypto compliance journey? Don’t hesitate to contact the Scorechain team, we’ll happily discuss how we can satisfy your crypto compliance needs.

Request a free demo

About Scorechain

Scorechain is a Risk-AML software provider for cryptocurrencies and digital assets. As a leader in crypto compliance, the Luxembourgish company has helped more than 200 customers in 45 countries since 2015, ranging from cryptocurrency businesses to financial institutions with crypto trading, custody branch, digital assets, customers onboarding, audit and law firms, and some LEAs.

Scorechain solution supports Bitcoin analytics with Lightning Network detection, Ethereum analytics with all ERC20 tokens and stablecoins, Litecoin, Bitcoin Cash, Dash, XRP Ledger, Tezos, Tron with TRC10 and TRC20 tokens, and BSC with BEP20 tokens. The software can de-anonymize the Blockchain data and connect with sanction lists to provide risk scoring on digital assets, transactions, addresses, and entities. The risk assessment methodology applied by Scorechain has been verified and can be fully customizable to fit all jurisdictions. 300+ risk-AML scenarios are provided to its customers with a wide range of risk indicators so businesses under the scope of the crypto regulation can report suspicious activity to authorities with enhanced due diligence.