Blockchain Attack: Level Finance Announces Loss of $1M From Smart Contract Security Breach

Updated: 02 May 2023

Disclosure

Don’t invest unless prepared to lose all the money you invest. This is a high-risk investment, you shouldn’t expect to be protected if something goes wrong.

Join Our Telegram channel to stay up to date on breaking news coverage

Decentralized Exchange Level Finance has confirmed that its smart contract has experienced a security breach that resulted in the loss of $1 million worth of the exchange’s utility token, $LVL.

Smart Contract Attack Leads to Theft of Over 214,000 $LVL Tokens

On Monday, Level Finance Exchange announced the loss of more than 214,000 $LVL tokens, approximated to be $1.01 million, caused by an attack on its smart contract.

The anonymous attacker manipulated multiple bugs in the exchange smart contracts and drained and swapped thousands of tokens into 3,345 Binance Coins (BNB).

An exploit targeted our Referral Controller Contract.

– 214k LVL tokens drained to exploiters address.
– Attacker swapped LVL to 3,345 BNB
– Exploit was isolated from other contracts.
– Fix to be deployed in 12 Hrs.
– LP's and DAO treasury UNAFFECTED.

More details to follow.

— LEVEL Finance #RealYield (@Level__Finance) May 1, 2023

At press time, the decentralized exchange asserts that the smart contract does not appear to be altered since the attack happened.

However, a new implementation of the smart contract will be deployed in the next 12 hours to avert a recurrence in the future.

Furthermore, Level Finance also iterated that the security compromise did not affect its diverse liquidity pools and related decentralized autonomous organizations (DAOs).

Since the official announcement, some reputable blockchain security platforms have share insights on the compromise, notably Peckshield.

The revolutionary chain security iterated that the Level Finance smart contract, “LevelReferralControllerV2,” contained a bug that enabled “repeated referral claims” from one period.

It seems the @Level__Finance's LevelReferralControllerV2 contract has a bug that allows for repeated referral claims from the same epoch. So far 214k LVLs have been drained and swapped into 3,345 BNB (~1M)

Here is an example hack tx: https://t.co/isqHhzFk1Z https://t.co/ikOWx2ezf6 pic.twitter.com/wlr5bFFf0R

— PeckShield Inc. (@peckshield) May 1, 2023

Level Finance has verified the information by Peckshield on Discord. The decentralized exchange further stated that the exploits had been isolated and implored users to “stand by for a full post-mortem.”

Impact of Smart Contract Compromise: $LVL Price Slumps

At its core, Level Finance is a decentralized perpetual exchange deployed on the BNB chain that delivers highly effective risk management and facilitates seamless market access to programmatic liquidity pools.

Since its debut in December 2022, the decentralized platform has soared in popularity and utility.

Level Finance enables capital-effective hedging with minimum market impact for investors and traders seeking to protect their profits. It also creates yield-bearing opportunities for asset owners to earn passive commercial ventures on their digital asset holdings.

However, the recent attack on its smart contract has impacted the price value of its native token, $LVL.

Since the official announcement on Twitter yesterday, the native token has been down to 10.21% in price value.

At press time, 1 $LVL trades at $7.73, indicating a downtrend of 31.09% from its all-time high of $11.22 recorded on April 21 – 11 days ago.

Technical analysis indicates the crypto asset worth $7.73 is trading below the 50-day simple moving average (SMA) price of $8.14, which signals the asset is bearish.

The relative strength index (RSI) sits at 42.90, indicating the $LVL is slightly above the underbought zone of 30.

Financial experts assert that the downtrend of $LVL was expected as the overall crypto market is influenced by news and social media trends.

With the development team working to mitigate the effects of the security breach and integrating more security features, the Level Finance project is expected to be on the rise again.

Decentralized Finance (DeFi) Attacks Continue in 2023

Decentralized Finance has revolutionalized the conventional finance sector through the power of blockchain technology to avert intermediaries.

This development has led to faster, more efficient, and more affordable financial services distributed to global functional ecosystems like health, technology, finance, and many more.

However, despite its limitless advantages, the security of DeFi protocols has been less than desirable due to incessant hacks, loss of funds, and assets recorded across the nascent sub-sector.

Some of the most popular hacks are Ronin Network’s $656M exploit, Nomad Bridge’s $150M hack, and Wintermute’s $160M breach, with Level Finance being the most recent attack of 2023.

The staggering financial loss suffered from DeFi hacks has caused widespread uncertainty over the longevity of the ecosystem, with regulatory bodies now poised to step in and incorporate frameworks to prevent reoccurrences.