Trump WLFI exposes security vulnerabilities! Senators investigate Money Laundering suspicions involving North Korea and Russia.

World Liberty Financial is facing congressional scrutiny for allegedly selling Tokens to entities in sanctioned regions, including North Korea, Russia, and Iran. The company stated on Wednesday that it is working to reallocate user funds and verify user identities through KYC checks after a potential violation incident occurred. WLFI claimed that a small portion of users' Wallets were compromised due to phishing attacks or mnemonic phrase leaks caused by third-party security vulnerabilities.

Third-party security vulnerability led to account freezes in September

World Liberty Financial stated that due to a third-party security vulnerability, the company froze some user accounts in September and began reallocating funds to ensure wallet security. In a post related to Trump on the X platform, WLFI plan mentioned that due to “third-party security vulnerabilities,” a “relatively small portion of user wallets were compromised through phishing attacks or mnemonic phrase leaks.” The project is currently testing new smart contract logic to protect these accounts.

“Users who submit tickets and complete the necessary verification will have their funds redistributed to a new secure Wallet,” World Liberty stated. “In September, we froze the affected Wallets and verified ownership to ensure a smooth transition.” It is currently unclear how many users are affected, nor is it clear what the total amount at risk is. World Liberty pointed out that the issue “is not a problem with the WLFI platform or the smart contract.”

“Even when facing issues from external vulnerabilities, the team prioritized user safety while meeting regulatory requirements,” World Liberty added. This statement attempts to shift responsibility to a “third party,” but does not specify which third-party service provider or link encountered the problem. This vague statement has raised questions within the cryptocurrency community, as users cannot assess whether the risk has been completely eliminated.

Phishing attacks and mnemonic phrase leaks are the most common security threats in the cryptocurrency space. Phishing attacks typically lure users into entering their private keys or mnemonic phrases through fake websites or emails, while mnemonic phrase leaks may stem from malware, insecure storage methods, or malicious actions by insiders. WLFI attributes these security incidents to “third parties,” implying potential vulnerabilities involving wallet service providers, KYC verification services, or other outsourced vendors.

The time difference from freezing accounts in September to making a public statement in November has also raised questions. Why did WLFI wait for months to disclose the security incident to the public? Does this delay imply that the issue is more serious than the “relatively small part” stated in the official announcement? Or is WLFI attempting to proactively control the narrative before the senator's investigation escalates? There are currently no clear answers to these questions.

Senator Warren investigates transactions with sanctioned entities

According to reports, earlier this week, Senators Elizabeth Warren and Jack Reed urged the Department of Justice and the Department of the Treasury to investigate the alleged sale of WLFI tokens to sanctioned entities, citing research from Accountable.US. According to a CNBC report on Tuesday, Massachusetts Democratic Senator Elizabeth Warren and Iowa Senator Jack Reed called for the Department of Justice and the Department of the Treasury to investigate the alleged sale of WLFI tokens to sanctioned entities.

Regulators claim that these “suspicious” transactions allegedly involve the North Korean hacking group Lazarus, a sanctioned Russian “ruble-backed sanctions evasion tool,” and an Iranian cryptocurrency exchange. If these allegations are true, they would constitute a serious violation of U.S. sanctions laws, potentially leading to criminal charges and hefty fines.

It is currently unclear whether World Liberty's statement on Wednesday is related to the letters from Warren and Reid. World Liberty, whose co-founders include Eric Trump, Donald Trump Jr., and Barron Trump, has previously raised concerns among lawmakers who expressed worries about potential conflicts of interest. Members of the Trump family serve as co-founders of WLFI, while President Trump himself is promoting cryptocurrency-friendly policies, which raises serious questions about conflicts of interest.

Accountable.US report on the three sanctioned entities in question

North Korea's Lazarus Hacker Group: A top cybercrime organization on the U.S. Treasury Department's sanctions list, involved in multiple large exchange theft cases.

Russian Ruble Support Tool: Allegedly used as a cryptocurrency tool to bypass Western sanctions.

Iranian Cryptocurrency Exchange: Iranian entities under U.S. sanctions may be used to evade financial restrictions.

If WLFI really sells tokens to these entities, even if unintentionally, it may violate the U.S. International Emergency Economic Powers Act (IEEPA) and the Trading with the Enemy Act (TWEA), which prohibit U.S. companies from conducting transactions with sanctioned entities. Violators may face substantial civil fines and even criminal prosecution.

Blockchain experts question the evidence of the allegations

It is worth noting that several blockchain security experts, including Taylor Moynahan, the security chief of the largest Ethereum wallet MetaMask, and Nick Bax, the founder of Ump.eth, have raised questions about some on-chain analyses executed by Accountable, which allegedly linked an address to Lazarus.

“TL/DR: Someone wrote a 14-page article about Lazarus based on a strange transfer of a cryptocurrency,” Bucks wrote. “The worst part is that, aside from my senator spreading false information, Schleid was not only wrongly accused of being a North Korean hacker; but his WLFI Token worth about $95,000 also seems to have been frozen because of it.”

The doubts raised by these blockchain experts point to methodological issues in the Accountable.US report. While on-chain analysis can track the flow of funds, attributing specific addresses to specific entities requires additional evidence chains. Concluding that an address belongs to the Lazarus organization simply because it has received suspicious Token transfers may be overly presumptive. The pseudonymous nature of blockchain means that anyone can send Tokens to any address, and the recipient may be completely unaware.

The case of “Schleid” mentioned by Bax is particularly concerning. If an innocent user has nearly $100,000 in assets frozen simply because their Wallet address was incorrectly marked as related to Lazarus, it will raise serious issues of procedural justice. WLFI may face legal action for freezing user funds without sufficient evidence.

However, some analysts believe that WLFI's cautious behavior is necessary. In the current highly politicized environment, any potential connections with sanctioned entities could pose significant political and legal risks to the Trump family. Even with the possibility of misjudgment, freezing suspicious accounts before investigation may be a reasonable choice from a risk management perspective.

The controversy over the Trump family's conflict of interest continues to escalate

World Liberty (whose co-founders include Eric Trump, Donald Trump Jr., and Barron Trump) has previously raised concerns among lawmakers, who have expressed worries about potential conflicts of interest. As President Trump advocates for cryptocurrency-friendly policies, family members operating cryptocurrency companies and profiting from them has led to unprecedented ethical questions.

According to a previous report by the Financial Times, the Trump family has earned over $1 billion in pre-tax profits through cryptocurrency businesses over the past year. WLFI is an important component of this crypto empire, having generated hundreds of millions of dollars in revenue through the sale of WLFI governance Tokens and USD1 stablecoins. The Trump family company DT Marks DEFI LLC initially held 75% of World Liberty Financial's equity but later reduced its stake to 38%.

Currently, WLFI is not only facing security vulnerabilities but also allegations of selling tokens to sanctioned entities. If the investigation confirms violations, the Trump family could face criminal charges, which would become a landmark case of a U.S. presidential family involved in a cryptocurrency scandal. Senator Warren has long been critical of cryptocurrencies, and she views this investigation as an important battleground to combat Trump's conflicts of interest.

For users of WLFI, this incident serves as a wake-up call. Even high-profile projects associated with presidential families may face serious security and compliance issues. Users must fully assess the cumulative effects of political risks, security risks, and regulatory risks when participating in such projects.