WLFI Executes Emergency Token Burn Following Phishing-Related Breach

Emergency Burn Initiated After Token Compromise

World Liberty Financial (WLFI) activated an emergency smart-contract mechanism late Wednesday to eliminate tokens compromised through phishing attacks or exposed seed phrases. Approximately USD 22 million worth of assets were destroyed in the process.

These tokens were originally stored in pre-launch user wallets that had been compromised. To prevent further misuse, the project chose to burn all affected assets and is preparing to issue replacements to newly verified, secure wallets.

The team clarified that the event was not caused by flaws in WLFI’s platform, but rather by external security breaches impacting a small subset of users.

How the Incident Began

Before WLFI’s official launch, several user wallets were infiltrated through phishing links or stolen recovery phrases tied to third-party vulnerabilities. To contain the situation, WLFI froze all relevant wallets back in September and gathered user submissions to confirm ownership.

Once identities were confirmed, impacted users were instructed to complete a renewed KYC process to prepare for asset recovery and redistribution.

New Contract Logic Rolled Out for Secure Redistribution

In response to the incident, WLFI developed and implemented updated smart-contract logic designed to safely manage large-scale token reassignments. Though the approach required additional time, the project emphasized that safeguarding user assets remains the top priority.

On-chain data shows the token burn was executed through a multisig wallet, ensuring that the procedure was transparent and irreversible. Verified users will receive their tokens in newly secured wallets, while those who have not submitted claims or completed verification will remain frozen until they do so.

Clarification from WLFI: This Was an External Breach

(Image source: worldlibertyfi)

WLFI reaffirmed that its system, contracts, and protocol were not compromised.

Instead, attackers exploited vulnerabilities in third-party tools used by some community members. To meet compliance requirements and protect the broader ecosystem, the project enacted wallet freezes, ownership validation, and KYC checks immediately after confirming the source of the issue.

Next Steps for Affected Users

Users who submitted support tickets and passed verification will receive their redistributed tokens in the near future. Individuals who are still affected but have not yet reported their case can initiate the verification process through WLFI’s support channels and will be included in the recovery workflow once their identity is confirmed.

Conclusion

WLFI’s handling of the phishing-related breach underscores its commitment to user asset protection and responsible incident management. Through wallet freezes, identity verification, token destruction, and controlled redistribution, the platform has contained the impact and maintained transparency with its community. WLFI adds that improvements to security processes will continue, and extends gratitude to users for their patience throughout the recovery effort.

Disclaimer:

This is not investment advice. This information is provided for informational purposes only and should not be construed as a recommendation to buy, sell, or hold any asset. Cryptocurrency trading involves a risk of loss. Gate US services may be restricted in certain jurisdictions. For more information, please see our legal disclosures: https://us.gate.com/legal/disclosures