WLFI hacking attempt foiled as security blocks multi-million breach

A recent WLFI hacking attempt was stopped in its tracks thanks to the project’s robust onchain blacklisting measures. The DeFi project World Liberty Financial (WLFI) reported that its proactive approach to blacklisting compromised wallets onchain successfully prevented a WLFI hacking attempt that targeted its token launch.

On Wednesday, WLFI disclosed that a designated wallet carried out “mass blacklisting” transactions disabling accounts identified as compromised before the official launch. According to the team, the WLFI hacking attempt was the result of end user issues such as private key losses not a vulnerability within the WLFI platform itself.

The WLFI hacking attempt specifically targeted the project’s “Lockbox,” a vesting mechanism designed to safeguard locked token allocations for users. By blacklisting affected wallets, WLFI was able to prevent theft attempts from the Lockbox as demonstrated by two Etherscan transactions linked by the team. This decisive action ensured that the WLFI hacking attempt did not succeed in breaching user funds.

WLFI’s team also stated they are working closely with compromised users to help them regain access to their accounts following the WLFI hacking attempt. Despite these efforts, bad actors continue to target WLFI users, with each new WLFI hacking attempt prompting further vigilance from the project’s security team.

After unlocking 24.6 billion WLFI tokens and opening trading for the first time, the project faced another WLFI hacking attempt as hackers and scammers sought to exploit the event. Analytics firm Bubblemaps uncovered “bundled clones” imitation smart contracts created to deceive users into engaging with fraudulent contracts marking another hacking attempt targeting WLFI.

EIP 7702

Yu Xian, founder of security company SlowMist, reported that some WLFI holders were being drained of their tokens through a known exploit involving the Ethereum Improvement Proposal (EIP)-7702 upgrade. This WLFI hacking attempt used a “classic EIP-7702 phishing exploit,” where bad actors plant hacker controlled addresses in victim wallets allowing them to steal tokens during deposits.

The EIP-7702 upgrade, introduced in May as part of Ethereum’s Pectra update allows externally owned accounts to temporarily act like smart contract wallets. While intended to improve user experience,this change has enabled a new WLFI hacking attempt vector allowing hackers to drain funds using only an offchain signature.

Solidity smart contract auditor Arda Usman previously explained that a hacking attempt could drain user funds with just an offchain signed message without requiring a direct onchain transaction. This highlights the evolving nature of threats and the importance of WLFI’s proactive measures against every WLFI hacking attempt.

As WLFI continues to grow, its ongoing vigilance and rapid response to each hacking attempt remain crucial in protecting its community and assets.