WLFI Recovers $22 Million in Tokens After Security Breach
World Liberty Financial (WLFI) recovered and reallocated over $22 million worth of its tokens. This followed a security breach before its official launch in September 2025. Hundreds of user wallets were compromised.
WLFI confirmed on November 19 that the breach was not caused by its platform or smart contracts. Hackers accessed wallets through phishing attacks, leaked seed phrases, and malicious Ethereum contracts. Some issues were linked to Ethereum’s EIP-7702 update in the Pectra upgrade.
Steps Taken to Secure User Funds
In September, WLFI froze 272 wallets involved in the breach. Affected users had to complete KYC verification again and provide new wallet addresses.
The team developed new smart contract tools to safely handle token reallocations. On November 19, WLFI executed an on-chain function to burn 166.7 million WLFI tokens (valued at $22.1 million) from compromised wallets. The same amount was reissued to verified users.
On-chain analyst Emmett Gallic reviewed the transaction. He noted the function is designed for cases where users lose wallet access or tokens fall into attackers’ hands.
WLFI prioritized fund safety over speed. Users who completed identity checks will receive their tokens soon. Wallets of unverified users remain frozen until verification is complete.
WLFI Advances Product Development
WLFI is continuing development despite the breach. On November 1, the project expanded its USD1 Points Program by integrating with Dolomite, a DeFi lending platform.
In September, WLFI announced it will offer a debit card tied to its USD1 stablecoin. Co-Founder Zak Folkman said the card will work with Apple Pay and connect to USD1 via the WLFI app. He added the launch is “coming very soon.”
The recovery marks progress for WLFI to focus on its product roadmap and regain user trust.
