Trump-linked DeFi project World Liberty Financial (WLFI) said it stopped hacking attempts during its token launch by blocking compromised wallets onchain.
On Wednesday, WLFI said a designated wallet carried out “mass blocking” transactions to block compromised accounts before launch. The team added that users’ lost private keys caused the hacking attempts and emphasized that attackers didn’t exploit the WLFI project itself.
WLFI said its redlist efforts prevented hackers from targeting the “Lockbox,” a vesting tool that protects users’ locked token allocations.
The team said this allowed it to block the theft attempts on the Lockbox and pointed to two Etherscan transactions that show the blocklist in action. It added that it is working with impacted users to help them regain access to their accounts.
Hackers exploit WLFI token launch
On Monday, World Liberty Financial released 24.6 billion WLFI tokens as trading kicked off. Since then, hackers and scammers have tried to cash in, targeting both users and the project.
Analytics firm Bubblemaps found ‘bundled clones,’ copycat smart contracts that mimic the real project. Scammers design these clones to trick users into using the fakes and steal their crypto.
Yu Xian, founder of security firm SlowMist, said hackers are stealing tokens from some WLFI holders through a known exploit in the Ethereum EIP-7702 upgrade.
Xian said hackers are draining WLFI holders with a “classic EIP-7702 phishing scam.” He explained that they plant their own addresses in victims’ wallets and steal the tokens as soon as a deposit is made.
EIP-7702 enables off-chain exploits
In May, Ethereum’s Pectra upgrade added EIP-7702. The feature allows normal user wallets to temporarily act like smart contract wallets. This makes it possible to delegate actions and send multiple transactions at once, aiming to simplify the user experience.
Although the upgrade aimed to enhance the user experience, security experts identified a loophole that could let hackers steal funds using just an off-chain signature.
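A defender-side check for the delegation described above, as an added example that is not from the article or from WLFI: it classifies the code an Ethereum node returns for a wallet (eth_getCode) using the EIP-7702 delegation designator, the bytes 0xef0100 followed by the 20-byte delegate address. The addresses, the trusted-delegate list and the function names are constructed for illustration.

```python
# Added example (not from the article): spot EIP-7702 delegations on wallets.
# EIP-7702 stores a "delegation designator" as the account's code:
# the bytes 0xef0100 followed by the 20-byte address of the delegate contract.
DELEGATION_PREFIX = bytes.fromhex("ef0100")


def classify_account_code(code_hex, trusted_delegates=()):
    """Classify the hex string a node returns from eth_getCode for one address."""
    raw = code_hex.strip().lower()
    if raw.startswith("0x"):
        raw = raw[2:]
    code = bytes.fromhex(raw)
    if not code:
        # No code: an ordinary wallet, or one whose delegation was cleared.
        return ("plain_eoa", None)
    if len(code) == 23 and code.startswith(DELEGATION_PREFIX):
        delegate = "0x" + code[3:].hex()
        trusted = {addr.lower() for addr in trusted_delegates}
        kind = "delegated_trusted" if delegate in trusted else "delegated_unknown"
        return (kind, delegate)
    # Anything else is ordinary contract bytecode, not a delegated wallet.
    return ("contract", None)


def flag_unknown_delegations(codes_by_wallet, trusted_delegates=()):
    """Return sorted (wallet, delegate) pairs whose delegate is not trusted."""
    flagged = []
    for wallet, code_hex in codes_by_wallet.items():
        kind, delegate = classify_account_code(code_hex, trusted_delegates)
        if kind == "delegated_unknown":
            flagged.append((wallet, delegate))
    return sorted(flagged)


# Constructed sample data: placeholder addresses and eth_getCode results.
TRUSTED = ["0x" + "aa" * 20]  # hypothetical delegate the wallet owner chose
SAMPLE_CODES = {
    "0x" + "11" * 20: "0x",                    # never delegated
    "0x" + "22" * 20: "0xef0100" + "aa" * 20,  # delegated to the trusted contract
    "0x" + "33" * 20: "0xEF0100" + "bb" * 20,  # delegated to an unknown contract
    "0x" + "44" * 20: "0x6080604052",          # regular contract bytecode
}

if __name__ == "__main__":
    for wallet, delegate in flag_unknown_delegations(SAMPLE_CODES, TRUSTED):
        print(f"{wallet} delegates to unrecognized contract {delegate}")
```

A wallet flagged here has handed control of its behavior to a contract its owner does not recognize, so it should be treated as compromised before any further deposit is made to it.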