Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
Loopring Smart Wallets Suffer a $5 Million Exploit

Loopring Smart Wallets Suffer a $5 Million Exploit

CryptopotatoCryptopotato2024/06/10 23:43
By:Author: Wayne Jones

Loopring observed that the attacker impersonated the wallet owner to reset ownership and redeem assets.

On Sunday, Loopring, an Ethereum zero-knowledge roll-up protocol, announced a significant security vulnerability attack on its smart wallets, linked to the Loopring Official Guardian.

The project is collaborating with security and law enforcement agencies to investigate how the two-factor authentication system was compromised and to track down the cybercriminals.

Loopring Official Guardian Exposed

In a comprehensive announcement shared on platform X, Loopring disclosed that the attacker targeted a subset of the wallet, capitalizing on the vulnerabilities of the Official Guardian. As such, some wallets within Loopring fell victim to this security breach.

🚨Incident Alert: Loopring Smart Wallets Compromised🚨

A few hours ago, some Loopring Smart Wallets were targeted in a security breach. The attack exploited wallets with only one Guardian, specifically the Loopring Official Guardian. The hacker initiated a Recovery process,… pic.twitter.com/Y9mYC4j9QJ

— Loopring💙 (@loopringorg) June 9, 2024

The malicious actor circumvented Loopring’s authorized Guardian services by impersonating wallet owners. This allowed them to initiate unauthorized recoveries on wallets that relied solely on the compromised Guardian without the permission of the actual users.

By specifically targeting the Official Guardian and 2FA service, the attacker siphoned substantial assets from several wallets.

Loopring and blockchain audit firm Cyvers Alert identified and publicly shared the two malicious wallets. Onchain data from Etherscan revealed that one of the hacker’s wallets seized about $5 million worth of assets from the compromised wallets. The wallet has already swapped the crypto for ETH and still holds 1,373 ETH worth $5 million.

It is important to note that not all wallets were exposed. Wallets employing multiple guardians or alternative third-party guardians were not affected by the recent exploit.

Commitment to Protect Investors

Loopring announced on their X platform that they are working with Mist security experts and law enforcement agencies to determine how their two-factor authentication service was compromised and to track down the malicious actors.

To protect users, Loopring has temporarily suspended all Guardian-related and 2FA-related operations, which has since stopped the compromise. The network encourages anyone with additional information about the exploit to come forward and commits to providing updates as the investigation progresses.

As per their report, they remain steadfast in showing their commitment to safeguarding the interests of their users.

According to data from Coingecko, Loopring’s native token, LRC, experienced a slight reaction when news of the attack emerged. It is currently trading at $0.2199, reflecting a 2.7% decrease in the past 24 hours and an 18% decrease over the past 7 days.

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!

You may also like

Metrics Ventures: The market has provided the answer; quietly accompanying the industry's growth is the best strategy

Ride the wave, trade the trend, this heart is bright, what else is there to say.

Chaincatcher2024/11/09 23:33

BlackRock’s Bitcoin ETF flips gold fund

Cointelegraph2024/11/09 17:55

SEC mulls approving Ethereum ETF options

Cointelegraph2024/11/09 17:55