Security News > 2023 > May > Level Finance crypto exchange hacked after two security audits
Hackers exploited a Level Finance smart contract vulnerability to drain 214,000 LVL tokens from the decentralized exchange and swapped them for 3,345 BNB, worth approximately $1,100,000.
While Level Finance said the attack did not affect its liquidity pool and the DAO treasury, and the exploit was isolated from all other contracts, the LVL token lost roughly 50% of its value immediately after the attack was made known.
Although Level Finance did its best to protect assets by ordering two audits from independent firms, the hacker still found a way to exploit the code to steal money using missed bugs.
While Level Finance was audited twice in 2023, it is unclear if the vulnerable function was audited or added afterwards.
Security audits are neither bulletproof nor should they be treated as an assurance of safety and security as we've seen multiple times in the past.
This occurred mere days after DEX Merlin announced a successful audit by blockchain security firm CertiK. Last year, decentralized music platform Audius lost $6 million worth of tokens after an attacker exploited a flaw in a system that had undergone two in-depth security assessments from separate auditors since it was introduced.