Decentralized exchange Level Finance has experienced a security breach allowing an attacker to steal more than $1 million of the exchange\u2019s native Level Finance (LVL) token.\u00a0<\/p>\n
Level Finance informed its 20,000 Twitter followers that more than 214,000 of the exchange\u2019s LVL tokens had been drained and swapped into 3,345 Binance Coin (BNB<\/a>), with an approximate value of $1.01 million.\u00a0<\/p>\n An exploit targeted our Referral Controller Contract.<\/p>\n – 214k LVL tokens drained to exploiters address. More details to follow.<\/p>\n \u2014 LEVEL Finance #RealYield (@Level__Finance) May 1, 2023<\/a><\/p><\/blockquote>\n According to blockchain security firm Peckshield, Level Finance\u2019s \u201cLevelReferralControllerV2\u201d smart contract contained a bug that allowed for \u201crepeated referral claims\u201d from the same epoch. This was confirmed by Level Finance in a later statement made on Discord. <\/p>\n It seems the @Level__Finance<\/a>‘s LevelReferralControllerV2 contract has a bug that allows for repeated referral claims from the same epoch. So far 214k LVLs have been drained and swapped into 3,345 BNB (~1M)<\/p>\n Here is an example hack tx: https:\/\/t.co\/isqHhzFk1Z<\/a> https:\/\/t.co\/ikOWx2ezf6<\/a> pic.twitter.com\/wlr5bFFf0R<\/a><\/p>\n \u2014 PeckShield Inc. (@peckshield) May 1, 2023<\/a><\/p><\/blockquote>\n Meanwhile, \u00a0data<\/a> from Binance chain explorer BSC Scan, the V2 controller contract shows multiple calls of the \u201cclaim multiple\u201d function over the past 48 hours.<\/p>\n At the time of writing, the implementation<\/a> of the contract does not appear to have been altered since the advent of the attack, however Level Finance says that it will deploy a new implementation of the referral contract within the next 12 hours.<\/p>\n The exchange also noted that its liquidity pools and related DAOs remain unaffected by the attack. <\/p>\n Related: <\/strong>April\u2019s crypto scams, exploits and hacks lead to $103M lost \u2014 CertiK<\/strong><\/a><\/p>\n According to @DeDotFiSecurity on Twitter, the team says<\/a> that it has \u201ctemporarily shut down the referral program,\u201d which has stopped the exploit. <\/p>\n On Discord, Level Finance said that the exploit had been isolated from other exploits and that users of the exchange should \u201cstand by for a full post mortem.\u201d <\/p>\n\n
– Attacker swapped LVL to 3,345 BNB
– Exploit was isolated from other contracts.
– Fix to be deployed in 12 Hrs.
– LP’s and DAO treasury UNAFFECTED. <\/p>\n\n
![](\"https:\/\/s3.cointelegraph.com\/uploads\/2023-05\/c090689c-c0f9-4e90-8097-b538713fe088.png\")
<\/figure>\n