Insiders, hackers, or both? The strange case of WLFI freezes
World Liberty Financial reported that it has frozen 50 WLFI token addresses at the request of the address owners, who claimed their wallets had been compromised.
Now imagine this situation happened to you. If your address was compromised, what would you do: quickly move all your funds somewhere else (even to a CEX, just to keep the hacker from getting them), or reach out to WLFI support to request a freeze?
I checked WLFI’s website to see how to contact their support. I’m used to something simple, like on rabbit.io: just click the live chat button in the bottom right corner and you’re instantly connected. But WLFI’s site doesn’t have that. There’s a “Contact us” button, but it’s styled in such a way that you’d hardly think it’s meant for real support (see screenshot).
And even if you do manage to contact them, you’d still need to prove ownership of the address - either by signing a message with your key or sending a transaction. Honestly, it seems much easier to just move the funds out yourself than to go through the hassle of requesting a freeze.
Yet, in just 5 days, 50 addresses were blocked this way. How is that even possible? I see two possible explanations:
- The compromised wallets belonged to insiders, who could directly call up or personally trigger the contract changes to block addresses.
- This was some kind of devious attack. A hacker gains access to a wallet with WLFI tokens but doesn’t drain it. Instead, they contact the issuer, prove they have the private key, and request the wallet be frozen. WLFI complies.
Either way, this casts serious doubt on the security of WLFI.
Do you have any other ideas on how these freezes might have happened?
