Search
Close this search box.
Search
Close this search box.

Ethereum Layer 2 Protocol Loopring Fall Victim To Security Breach

Ethereum Layer 2 Protocol Loopring was hacked, resulting in a $5 million loss due to a vulnerability in the wallet's Guardian security feature
Loopring Smart Wallet hacked

On June 9th, the Loopring Smart Wallet was hacked, resulting in a $5 million loss due to a vulnerability in the wallet’s Guardian security feature. The project administrators swiftly reported the incident on the social media platform X (formerly known as Twitter). This marks the second hack in June 2024, following a recent attack on the Velocore DEX on zkSync and Linea.

A recent hack on the Loopring Smart Wallet has caused an estimated loss of $5 million. The breach exploited a flaw in the wallet’s Guardian recovery service. Loopring had previously boasted that their wallet was “the safest Ethereum wallet,” but hackers exploited this confidence to carry out the attack.

The 2FA Guardian service on Loopring Smart Wallet allows users to designate individuals or organizations as Guardians to help with security tasks such as locking or recovering a compromised wallet if the Seed Phrase is lost. Typically, actions like locking or recovering a wallet require the consent of more than half of the Guardians. However, a hacker found a way to bypass Loopring’s security system.

The hacker exploited a vulnerability in wallets with only a single Loopring Official Guardian. They managed to initiate the wallet recovery process without the owner’s permission. The Loopring Official Guardian, provided by Loopring, is automatically added to the wallet when users create it.

Wallets that used multiple Guardians or third-party Guardians were not affected by this vulnerability.

Loopring has disclosed two wallet addresses believed to be involved in the attack, holding more than $5 million worth of ETH from affected wallets. One of these wallets holds assets totaling $5.1 million.

Loopring Smart Wallet hacked
The hacker’s wallet holds 5.1 million USD

The hack started at 1 a.m. on June 9, the hacker transferred about 190,000 LRC tokens to his wallet.

Loopring Smart Wallet hacked
The first transaction in the hack

Loopring also stated that they are working with law enforcement to track down the perpetrators and are asking anyone with additional information about the hack to share it with the project team.

While the project team may not have anticipated this hack, they have acknowledged the risks of the Loopring Official Guardian being compromised and recommend that users set up at least three Guardians.

Statement about possible hacker attack Loopring Official Guardian

Meanwhile, the price of Loopring’s LRC token has dropped about 5% since the project announced the attack and is currently trading around $0.22.

4h chart of the LRC/USDT pair on Binance at 10:40 AM on June 10, 2024

Share:

New Post

Read more

Since being listed on Bithumb, one of South Korea's largest exchanges, Bonk (BONK) has witnessed a sharp rise of approximately 33.7% over the past week and over 50% in the last month.
ADA explosive rally to $0.80, fueled by a 297% surge in large transaction volume, signals unstoppable momentum as ADA eyes the $1 milestone for the first time since 2022.
The SEC has delivered a $4.6 million payout to BitClave ICO investors, marking a landmark move toward accountability and justice in the volatile crypto market.