On Sunday, Loopring, a zero-knowledge backlog protocol for Ethereum, announced a major vulnerability attack on its smart wallets linked to the Loopring Official Guardian.
The project collaborates with security and law enforcement agencies to investigate how the two-factor authentication system was hacked and track down cybercriminals.
Loopring Official Exposed Trustee
In a comprehensive announcement shared on Platform X, Loopring revealed that the attacker targeted a subset of the wallet, taking advantage of vulnerabilities in the Official Guardian. As such, some wallets within Loopring fell victim to this security breach.
🚨Incident alert: Smart wallets have been hacked🚨
A few hours ago, some Loopring smart wallets were targeted in a security breach. The attack exploited wallets with only one guard, specifically the Loopring Official Guardian. The hacker started the recovery process,… pic.twitter.com/Y9mYC4j9QJ
– Loopring💙 (@loopringorg) June 9, 2024
The malicious actor circumvented Loopring's authorized Guardian services by impersonating wallet owners. This allowed them to initiate unauthorized recoveries on wallets relying solely on the compromised Guardian without the permission of actual users.
By specifically targeting the Official Guardian service and the two-factor authentication service, the attacker seized significant assets from multiple wallets.
Loopring and blockchain audit firm Cyvers Alert It has been identified They shared the two malicious wallets publicly. Onchain data from Etherscan open One of the hacker wallets seized assets worth about $5 million from the hacked wallets. The wallet has already exchanged cryptocurrencies for ETH and still contains 1,373 ETH worth $5 million.
It is important to note that not all wallets are exposed. Wallets that use multiple custodians or third-party alternative custodians were not affected by the latest exploit.
Commitment to protecting investors
Loopring announced on its X platform that it is working with security experts Mist and law enforcement agencies to determine how their two-factor authentication service was compromised and track down malicious actors.
To protect users, Loopring temporarily suspended all Guardian-related and 2FA-related operations, which has since halted settlement. The network encourages anyone with additional information about the exploit to come forward and commit to providing updates as the investigation progresses.
According to their report, they remain steadfast in demonstrating their commitment to protecting the interests of their users.
according to Data From Coingecko, Loopring's native token, LRC, saw little reaction when news of the attack emerged. It is currently trading at $0.2199, reflecting a 2.7% decline over the past 24 hours and an 18% decline over the past seven days.
Free Binance $600 (Exclusively for CryptoPotato): Use this link to register a new account and get an exclusive $600 welcome offer on Binance (Full details).
BYDFi Exchange 2024 Limited Offer: Welcome Bonus up to 2,888 USD, use this link to register and open a position worth 100 USDT-M for free!
