- WLFI froze 272 compromised wallets after attackers used malicious contracts to drain tokens during launch.
- The platform burned over $22 million in tokens and began verifying users to safely reallocate recovered funds.
- U.S. senators called for a federal investigation after reports linked WLFI token sales to sanctioned individuals.
Right before the WLFI token even had a chance to go live, things took a sharp turn. The team behind WLFI discovered that 272 wallets were compromised through phishing traps, leaked seed phrases, and a handful of other messy security missteps. What makes it a bit wilder is that none of these breaches came from WLFI’s internal systems, but instead from third-party tools and schemes that quietly exposed private keys. When the token launched on September 1, that’s when the attackers struck.
Malicious Contracts Triggered the Chaos
According to the company, attackers had already tucked malicious contracts into the compromised wallets. These contracts were designed to activate the moment WLFI went live, letting the attackers drain tokens instantly. The timing lined up right after Ethereum’s EIP-7702 Pectra upgrade, which added to the confusion and maybe even helped the breach slip through. As soon as WLFI saw strange behavior, the affected wallets were frozen on the spot to stop further losses and prevent funds from leaking out even more.
Bulk Recovery, Identity Checks, and Emergency Burns
To deal with the fallout, WLFI rolled out new smart contract logic that handles huge token reallocations at once — basically a bulk recovery tool. They also started verifying users so that tokens actually go to the right people instead of scammers pretending to be victims. Anyone who hasn’t reached out yet is stuck in limbo, since their wallets stay frozen until they finish verification. The emergency damage-control step was pretty extreme too: WLFI burned 166.667 million tokens worth over $22 million from the compromised addresses, wiping them out so attackers couldn’t move or use them.
Senators Step In as Scrutiny Rises
WLFI’s token didn’t escape market shock either — as trading began, it dropped more than 15%. But the security issue isn’t the only thing putting pressure on the project. A report from Accountable claimed that WLFI sold tokens to traders tied to a blockchain address sanctioned for links to North Korea’s Lazarus hacking group. That immediately drew the attention of lawmakers. Senators Elizabeth Warren and Jack Reed called for a federal investigation, arguing that WLFI’s token sales, involving individuals linked to Russia, Iran, and North Korea, could be a national security risk. WLFI pushed back, saying it ran strict AML/KYC checks on every pre-sale buyer and rejects the accusations entirely.
Rebuilding Trust After a Chaotic Few Days
Even with everything swirling around — the breach, the burns, the political heat — WLFI says it’s still committed to protecting users and repairing the damage. The company is urging affected holders to start verification whenever they’re ready, promising that their recovered funds will be redistributed once checks are complete. The situation has shaken confidence, but WLFI insists its updated security steps will help restore trust and stabilize the platform as it moves forward.
