EddieJayonCrypto

 11 Jun 24

tl;dr

Loopring, an Ethereum protocol, reported a security vulnerability in its smart wallets linked to the Loopring Official Guardian. The attacker exploited the Official Guardian's vulnerabilities, targeting wallets with only one Guardian, and siphoned substantial assets. Loopring is collaborating with s...

Loopring, an Ethereum protocol, reported a security vulnerability in its smart wallets linked to the Loopring Official Guardian. The attacker exploited the Official Guardian's vulnerabilities, targeting wallets with only one Guardian, and siphoned substantial assets.

Loopring is collaborating with security and law enforcement agencies to investigate and has temporarily suspended Guardian-related operations. The network remains committed to protecting users and encourages anyone with information about the exploit to come forward.

The incident caused Loopring's native token, LRC, to experience a slight decrease in trading value.

On Sunday, Loopring, an Ethereum zero-knowledge roll-up protocol, announced a significant security vulnerability attack on its smart wallets, linked to the Loopring Official Guardian. The project is collaborating with security and law enforcement agencies to investigate how the two-factor authentication system was compromised and to track down the cybercriminals.

LOOPRING OFFICIAL GUARDIAN EXPOSED

In a comprehensive announcement shared on platform X, Loopring disclosed that the attacker targeted a subset of the wallet, capitalizing on the vulnerabilities of the Official Guardian. As such, some wallets within Loopring fell victim to this security breach.

The malicious actor circumvented Loopring’s authorized Guardian services by impersonating wallet owners. This allowed them to initiate unauthorized recoveries on wallets that relied solely on the compromised Guardian without the permission of the actual users. By specifically targeting the Official Guardian and 2FA service, the attacker siphoned substantial assets from several wallets.

Loopring and blockchain audit firm Cyvers Alert identified and publicly shared the two malicious wallets. Onchain data from Etherscan revealed that one of the hacker’s wallets seized about $5 million worth of assets from the compromised wallets. The wallet has already swapped the crypto for ETH and still holds 1,373 ETH worth $5 million. It is important to note that not all wallets were exposed. Wallets employing multiple guardians or alternative third-party guardians were not affected by the recent exploit.

COMMITMENT TO PROTECT INVESTORS

Loopring announced on their X platform that they are working with Mist security experts and law enforcement agencies to determine how their two-factor authentication service was compromised and to track down the malicious actors. To protect users, Loopring has temporarily suspended all Guardian-related and 2FA-related operations, which has since stopped the compromise. The network encourages anyone with additional information about the exploit to come forward and commits to providing updates as the investigation progresses. As per their report, they remain steadfast in showing their commitment to safeguarding the interests of their users.

According to data from Coingecko, Loopring’s native token, LRC, experienced a slight reaction when news of the attack emerged. It is currently trading at $0.2199, reflecting a 2.7% decrease in the past 24 hours and an 18% decrease over the past 7 days.

Disclaimer

The opinions expressed by the writers at Grow My Bag are their own and do not reflect the official stance of Grow My Bag. The content provided on our site is not intended as investment advice, and Grow My Bag is not an investment advisor. We do not endorse buying or selling any cryptocurrencies or digital assets mentioned in our articles. High-risk investments in Bitcoin, cryptocurrencies, and digital assets require thorough due diligence, and all transfers and trades made are at your own risk. Grow My Bag is not responsible for any potential losses and participates in affiliate marketing.
 1 Nov 24
 1 Nov 24
 1 Nov 24