Crypto:
32522
Bitcoin:
$97.531
% 0.70
BTC Dominance:
%55.8
% 0.22
Market Cap:
$3.44 T
% 0.50
Fear & Greed:
81 / 100
Bitcoin:
$ 97.531
BTC Dominance:
% 55.8
Market Cap:
$3.44 T

Ethereum’s Loopring Hacked, Guardian System Breached

Loopring

Originally revealed on Sunday, Loopring, the zkEVM protocol developed on Ethereum with a website billing its smart wallet application as “Ethereum’s most secure wallet,” suffered a security compromise connected to its “Guardian” two-factor authentication system.

Users of the Guardian service can choose to designate wallets of trustworthy people or businesses to help with security activities such as lock-in of a compromised wallet or restoration of one should the seed phrase disappear. Loopring revealed in its release that a hacker broke through company’s own Official Guardian system to start recovery on wallets using that one guardian without the users’ authorization. According to company’s website, wallets that used multiple guardians or another third-party guardian were shielded from the vulnerability, as more than 50% of guardians are required to start transactions.

Loopring’s 2FA Compromised, $5M Stolen

Loopring also revealed two wallet addresses identified by the protocol allegedly engaged in the security violation. Blockchain records reveal one wallet was able to empty the impacted wallets of around $5 million worth of tokens.

It Might Interest You: Arbitrum’s $215M Gaming Catalyst Program Approved

“We are working closely with Mist security professionals to ascertain the source of the compromise of our 2FA system. We have momentarily stopped Guardian-related and 2FA-related activities in order to safeguard our users. After this action, the compromise stopped,” the protocol said in its X statement. The block couldn’t loop right away for comments.

Loopring has asked that anyone with further knowledge about the attack forward it to the protocol and mentioned that it’s working with law enforcement to track the offender.

READ:  What is Astar (ASTR) Network?

Although the attack probably caught the team off guard, Loopring’s risk disclosure statement points to a breach of its Guardian system as a possible attack path and advises users to find at least three guardians. “We will automatically add the Loopring Official Guardian service to your wallet after it is generated. Loopring Official Guardian is a centralized service, so hackers could target and control it.” company’s website says.

Rate this post

Leave a Reply

Your email address will not be published. Required fields are marked *