- World Liberty burns 166.667 million WLFI tokens after 272 wallets were compromised.
- The Platform breach was attributed to third-party security lapses, not smart contract vulnerabilities.
- U.S. Senators request investigation into alleged token sales to sanctioned entities.
World Liberty Financial had announced an emergency token burn and reallocation of $22.1 million WLFI following pre-launch phishing attacks that targeted user wallets. The Trump family-backed decentralized finance platform revealed the incident involved 272 compromised wallets, with 215 linked to phishing attacks.
The team executed an emergency function that burned approximately 166.667 million WLFI tokens and reallocated equivalent amounts to a verified recovery address. Prior to WLFI’s launch, a subset of user wallets was compromised via phishing attacks or exposed seed phrases.
Platform Tests New Smart Contract Logic
World Liberty Financial stated it has tested new smart contract logic to safely reallocate user funds and verified users’ identities via KYC checks. Shortly, users who submitted tickets and satisfied required checks will have funds reallocated to new, secure wallets.
“This was not a WLFI platform or smart contract issue. Attackers gained access to user wallets through third-party security lapses,” the platform stated. In September, the team froze impacted wallets and verified ownership to ensure a smooth transition.
The process took time, but according to their post, they prioritized the safety of funds was more important than speed. Even with issues stemming from external vulnerabilities, the team prioritized user security while meeting regulatory requirements.
Reallocation will begin shortly for all wallets that have completed and satisfied the required verification steps. Wallets for users who haven’t reached out or completed verification will remain frozen, though those users can still start the process through the help center.
Congressional Scrutiny Intensifies
While WLFI attributed the breach to third-party security lapses rather than platform vulnerabilities, the incident has intensified concerns about the platform’s control over user funds. Critics argue the move contradicts WLFI’s “community governed” branding, as the platform unilaterally froze and reassigned assets without decentralized governance proposals.
In mid-November 2025, U.S. Senators Elizabeth Warren and Jack Reed requested federal investigations into alleged WLFI token sales to sanctioned entities. The allegations include potential sales to the North Korean hacking group Lazarus, Russian sanctions evasion tools, and Iranian crypto exchanges.
Multiple blockchain security experts have flagged concerns that, despite marketing itself as community-governed, WLFI maintains centralized control over critical functions, including the ability to freeze wallets unilaterally. This centralized control also contradicts typical decentralized finance principles.
Related: https://coinedition.com/us-senators-allege-wlfi-links-to-lazarus-group-and-russia/
Disclaimer: The information presented in this article is for informational and educational purposes only. The article does not constitute financial advice or advice of any kind. Coin Edition is not responsible for any losses incurred as a result of the utilization of content, products, or services mentioned. Readers are advised to exercise caution before taking any action related to the company.
Source: https://coinedition.com/wlfi-reallocates-tokens-after-past-phishing-linked-wallet-attack/
