Loopring hack reveals vulnerability in Most Secure Wallet results in 5 million loss
News 

Loopring hack reveals vulnerability in Most Secure Wallet results in 5 million loss

Key Points:
Loopring, a DeFi platform, recently fell victim to a $5 million hack targeting its “most secure wallet” Guardian 2FA service.
The attacker took advantage of a vulnerability to reset wallets with only one Guardian.
Loopring is collaborating with Mist Security to investigate the breach and track down the hacker. As a result of the hack, Loopring’s token price experienced a 5% drop.

Loopring, a decentralized finance (DeFi) protocol operating on the Ethereum network, has been compromised in a cyber attack resulting in a significant $5 million loss. The breach specifically targeted Loopring’s ‘Guardian’ two-factor authentication (2FA) service, which is designed to enhance the security of its highly touted smart wallet known as “Ethereum’s most secure wallet.”

Breaking News: Loopring Smart Wallets Under Attack
Reports have surfaced that a number of Loopring Smart Wallets were recently targeted in a security breach. The attacker exploited wallets that had only one Guardian, particularly the Loopring Official Guardian. By initiating a Recovery process, the hacker was able to…

pic.twitter.com/Y9mYC4j9QJ
— Loopring (@loopringorg)
June 9, 2024

But how did the hackers manage to breach this supposedly impregnable system? And what implications does this have for your cryptocurrency holdings? Keep reading to find out…

Exploitation of Guardian 2FA Service
The Guardian service enables users with specific wallets to invite trusted wallets for security-related tasks, such as freezing a compromised wallet or recovering it in case the seed phrase is lost. Unfortunately, a hacker took advantage of a vulnerability in Loopring’s Official Guardian service, carrying out unauthorized recoveries on wallets with a single guardian. Wallets with multiple guardians or those utilizing different guardian types remained unaffected.

Extent of the Breach
Analysis of blockchain data indicated that two wallets were implicated in the breach, with one wallet being completely emptied of approximately $5 million worth of tokens.

Immediate Response
In light of the breach, Loopring announced via social media platform X that it is collaborating with Mist Security to pinpoint the vulnerability in the 2FA service. As a precautionary measure, Loopring has temporarily disabled all Guardian and 2FA functions to prevent further unauthorized access.

Edit + update:
We are collaborating with @SlowMist_Team and other cybersecurity experts and authorities to continue investigating this incident.
We will keep the community informed as soon as we have new updates to share.
Ensuring security and safeguarding user interests remain our top priorities.
— Loopring (@loopringorg)
June 9, 2024

Market Response
Loopring is actively working to identify the perpetrator and has reached out to the community for any pertinent information. Following the disclosure of the breach, Loopring’s native token, LRC, experienced a 5% decline in value over the past day, currently trading at $0.2171, reflecting the market’s reaction to the breach.

This incident underscores the persistent challenges in securing decentralized finance platforms and emphasizes the importance of robust, multi-layered security measures.
Feeling uneasy about the safety of your cryptocurrency holdings? Delve into our comprehensive guide on crypto security here:
A Comprehensive Guide to Keeping Your Crypto Safe

Tags: Hack

Leave a Reply

Your email address will not be published. Required fields are marked *