|
Getting your Trinity Audio player ready...
|
- WLFI blocked hack attempts via onchain wallet blacklisting.
- Hackers use cloned contracts and EIP-7702 phishing exploits to drain users.
- Ethereum’s Pectra upgrade introduced new offchain attack vectors.
Stay ahead with real-time updates and insights—Join our Telegram channel!
Trump-linked decentralized finance (DeFi) project World Liberty Financial (WLFI) says it successfully thwarted hacking attempts during its token launch this week, after blacklisting compromised wallets before attackers could strike.
WLFI Deploys Onchain Blacklist to Block Attacks
On Wednesday, WLFI revealed that a designated wallet carried out “mass blacklisting” transactions, disabling accounts flagged as compromised. The project stressed that these incidents were due to end-user vulnerabilities such as private key leaks, rather than an exploit of WLFI itself.
The blacklisting move was designed to protect WLFI’s Lockbox mechanism, which safeguards users’ vested token allocations. “This allowed us to block the theft attempts from the Lockbox,” the team stated, linking to Etherscan transactions as evidence. WLFI also confirmed it is working with affected users to help them regain access.
Hackers Target WLFI Launch With Clones and Phishing
On Monday, WLFI unlocked 24.6 billion tokens as trading opened, immediately drawing the attention of hackers and scammers. Analytics firm Bubblemaps flagged “bundled clones,” fake smart contracts mimicking WLFI to trick users into interacting with fraudulent addresses.
Meanwhile, security firm SlowMist’s founder Yu Xian reported that WLFI holders were being drained through a phishing exploit tied to Ethereum’s EIP-7702 upgrade, which allows attackers to insert malicious addresses into wallets and capture funds when deposits are made.
EIP-7702 Creates New Attack Vectors
The Ethereum Pectra upgrade in May introduced EIP-7702, which enabled externally owned accounts to act like smart contract wallets for greater flexibility. However, security experts warn that this feature opened the door to a dangerous offchain attack vector.
Also Read: Trump Family’s World Liberty Financial Burns 47 Million Tokens as WLFI Price Plummets
Solidity auditor Arda Usman previously explained that attackers can drain funds using only an offchain signed message, without requiring an onchain transaction. This has made phishing-style attacks against DeFi users more sophisticated and harder to detect.
World Liberty Financial’s proactive blacklisting of compromised wallets highlights both the promise and the perils of new DeFi projects. While WLFI managed to block early hacking attempts, experts caution that EIP-7702 vulnerabilities and phishing tactics remain a serious risk for users navigating token launches.
Stay ahead with real-time updates and insights—Join our Telegram channel!
Disclaimer: The information in this article is for general purposes only and does not constitute financial advice. The author’s views are personal and may not reflect the views of Chain Affairs. Before making any investment decisions, you should always conduct your own research. Chain Affairs is not responsible for any financial losses
I’m a crypto enthusiast with a background in finance. I’m fascinated by the potential of crypto to disrupt traditional financial systems. I’m always on the lookout for new and innovative projects in the space. I believe that crypto has the potential to create a more equitable and inclusive financial system.
