Security News > 2023 > May > Level Finance crypto exchange hacked after two security audits
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them for 3,345 BNB, worth approximately $1,100,000.
While Level Finance said the attack did not affect its liquidity pool and the DAO treasury, and the exploit was isolated from all other contracts, the LVL token lost roughly 50% of its value immediately after the attack was made known.
Although Level Finance did its best to protect assets by ordering two audits from independent firms, the hacker still found a way to exploit the code to steal money using missed bugs.
While Level Finance was audited twice in 2023, it is unclear if the vulnerable function was audited or added afterwards.
Security audits are neither bulletproof nor should they be treated as an assurance of safety and security as we've seen multiple times in the past.
This occurred mere days after DEX Merlin announced a successful audit by blockchain security firm CertiK. Last year, decentralized music platform Audius lost $6 million worth of tokens after an attacker exploited a flaw in a system that had undergone two in-depth security assessments from separate auditors since it was introduced.
News URL
Related news
- Major security audit of critical FreeBSD components now available (source)
- U.S. Sanctions Two Crypto Exchanges for Facilitating Cybercrime and Money Laundering (source)
- Deepfakes Can Fool Facial Recognition on Crypto Exchanges (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- Microsoft pulls Exchange security updates over mail delivery issues (source)