World Liberty Financial (WLFI), a decentralized finance (DeFi) initiative with ties to Trump, reported that it successfully blocked several hacking attempts during its token launch by blacklisting compromised wallets directly onchain.
According to WLFI, a designated wallet carried out “mass blacklisting” transactions ahead of the token’s debut, shutting down accounts that had been flagged as compromised. The project emphasized that these incidents were the result of user-side security issues, such as lost private keys, and not flaws in WLFI’s own protocol.
The team highlighted that these preventative measures safeguarded WLFI’s “Lockbox” vesting system, which protects locked token allocations. “By blacklisting in real-time, we were able to stop theft attempts from affecting the Lockbox,” WLFI explained, while pointing to two Etherscan transaction links as proof.
WLFI also confirmed it is actively assisting affected users to help them restore access to their accounts.
Hackers Keep Targeting WLFI Users
WLFI officially unlocked 24.6 billion tokens on Monday as trading began, but the launch quickly drew the attention of scammers.
Blockchain analytics firm Bubblemaps flagged the creation of “bundled clones”—fake contracts designed to mimic the WLFI protocol and trick unsuspecting traders into sending funds to fraudulent addresses.
Meanwhile, Yu Xian, founder of security company SlowMist, warned that WLFI holders have been losing tokens through a phishing exploit tied to Ethereum’s EIP-7702 standard. Attackers, he explained, can sneak malicious addresses into user wallets, enabling them to drain assets whenever deposits are made.
EIP-7702 Creates New Risks
The phishing risk traces back to Ethereum’s Pectra upgrade in May, which introduced EIP-7702. The change allowed externally owned accounts (EOAs) to temporarily behave like smart contracts, enabling batch transactions and delegated execution rights.
Although intended to improve usability, the upgrade opened a new attack surface. Security researchers noted that with just an offchain signature, hackers could authorize malicious transactions—without the victim ever signing anything onchain.
Smart contract auditor Arda Usman previously explained that this loophole means attackers can drain funds solely through an offchain signed message, making it especially dangerous for unsuspecting wallet owners.
Download the FREE Bitcoin Mining eBook
Kickstart your mining journey with essential insights:
https://bitmernmining.com/landing-page-ebook-download/
For more news, find me on Twitter Giannis Andreou and subscribe to My channels Youtube and Rumble
What is your opinion on this particular topic? Leave us your comment below! We are always intere
