Level Finance Crypto Exchange Hacked, After Two Security Audits

By   Adeola Adegunwa
Writer , Informationsecuritybuzz | May 03, 2023 04:05 am PST

Over $1 million worth of digital assets were stolen from Level Finance, one of the leading cryptocurrency exchanges in the world. The incident happened on April 29, 2023, despite the exchange having gone through two security assessments and audits in the past. 

This poses questions and concerns about how effective these tests are at avoiding cyber intrusions and attacks. According to sources, the hackers used a highly proficient phishing assault to gain access to Level Finance’s network. 

The attackers were able to move the stolen money to numerous external accounts after gaining access to the exchange’s internal systems.

How The Attack Was Discovered

The hacked smart contract, ‘LevelReferralControllerV2,’ has a logic flaw in the claimMultiple code that permits users to continually claim referral incentives inside the same epoch (period of time), according to blockchain security and data analytics startup PeckShield.

A comparable conclusion has been established by smart contract auditor BlockSec, who also noted that the hacker has failed to leverage the weakness multiple times since last week.

The attacker performed the following preparations because the claim incentive was specifically based on the tier of referral and reward points: BlockSec provided two explanations on Twitter: “1) generating and setting several referrals; and 2) using flashloan to carry out numerous swaps (the reward was modified in the postSwap function).”

To see the best out of the rewards from the smart contract bug, the attacker set up many referral accounts. The use of flashloans (single-transaction borrow and return) increased the referral benefits and allowed the attacker to carry out several token swaps while earning rewards each time.

According to a tweet from DeDotFiSecurity, the attacker had created an illegitimate contract seven days earlier in order to take profits from Level Finance. 

The security platform revealed that the attacker took advantage of the contract’s delegate function to take the LVL tokens off of the DeFi exchange. The exploit was separated from other contracts, Level Finance said. 

The exchange also stated that the exploit had no impact on its liquidity providers or the DAO Treasury.

While Level Finance was able to limit the damage caused by the exploit, its native token, LVL, suffered a serious loss. Following the exploit, the token plunged as much as 50%, dropping from $8.4 to a 3-week low of $4.2. 

Following the exploit, opportunistic traders rushed to trade the token, increasing its daily trading volume by 864%. Eventually, the hacker finally followed the right procedures and launched the attack that netted them $1.1 million.

Who Are The Level Finance?

A new DeFi project called Level Finance (LVL) comprises the high-yield LVL token and a perpetually decentralized crypto trading platform built on Binance’s BNB Chain.

The exchange platform offers access to several kinds of perpetual trading contracts across chosen asset pairs, and because it is decentralized, users can use the site using a crypto wallet. The LVL token compensates users with high liquidity-providing payouts.

One such site that provides traders with leverage up to 30x is Level Finance. Leverage, on the other hand, increases users’ losses if they are unable to hold onto their trading position and are liquidated. 

Only experienced traders are advised to use these contracts due to their high level of risk. In essence, the exchange serves the requirements of knowledgeable customers who predict future price fluctuations for particular cryptocurrencies using technical analysis. 

These traders engage in perpetual contracts that are centered on the fluctuation of cryptocurrency prices.

By way of example, perpetual traders can enter a contract concerning the price fluctuation of Bitcoin (BTC) without making an investment on Level Finance. They can instead deposit Tether (USDT), Binance USD (BUSD), PancakeSwap (CAKE), Ethereum (ETH), or Binance Coin (BNB). 

The platform hosts its operations on the BNB Chain. Users require an active software crypto wallet to utilize Level Finance because it is a decentralized application (dApp), just like any other dApp. Users of Level Finance are not required to register or submit any sensitive personal data. 

Level Finance Response To The Attack

Level Finance responded to the hack with a statement recognizing the breach and announcing the start of an inquiry. 

The exchange added that it is collaborating closely with law enforcement authorities to track down the perpetrators and get back the money that was stolen.

As soon as the probe yields further details, the company has pledged to publish updates on the attack. 

Since then, the DAO has published a proposal that seeks community input on how to manage the 214K LVL tokens that the attack has added to the market.

“The Level team will pay DevOps and OPSEC significantly more attention in the future. To undertake ongoing real-time security evaluations on all contract upgrades, we have hired the Quantstamp team”, the website mentioned.

Continuing the statement made public; they said, “it has, regrettably, been a persistent difficulty because of the size, complexity, and speed of LEVEL’s code base. However, measures will be taken to reduce further attacks.”

“Like any project that breaks new ground, there are risks and trade-offs involved. As we learn, kindly be patient with us. We will iteratively refine the protocol together. The Level community will eventually possess one of the most important assets in the sector”, it was noted on the website.


The attack has shocked the digital currency industry, and many people are surprised and disappointed that a platform as well-known as Level Finance could fall victim to a hack after going through two security audits and assessments. The attack has once again brought attention to the problem of protecting digital assets and the requirement for tighter security measures.

Level Finance’s hack is expected to have a significant impact on the sector. It is anticipated that industry-wide security practices would be scrutinized more closely, and regulators may pick up their efforts to impose stronger cybersecurity standards for exchanges. Despite going through two security audits, the Level Finance hack demonstrates the persistent difficulty in protecting digital assets from cyberattacks. 

It emphasizes the necessity of tighter security controls and more awareness in the face of developing cyber dangers. All these remain a learning point reminder of the need for strong security standards for cryptocurrency exchanges and the requirement for ongoing efforts to enhance cybersecurity in the sector.

Notify of
0 Expert Comments
Inline Feedbacks
View all comments

Recent Posts

Would love your thoughts, please comment.x