On Sunday, Loopring, an Ethereum zero-knowledge roll-up protocol, announced a significant security vulnerability attack on its smart wallets, linked to the Loopring Official Guardian.
The project is collaborating with security and law enforcement agencies to investigate how the two-factor authentication system was compromised and to track down the cybercriminals.
Loopring Official Guardian Exposed
In a comprehensive announcement shared on platform X, Loopring disclosed that the attacker targeted a subset of the wallet, capitalizing on the vulnerabilities of the Official Guardian. As such, some wallets within Loopring fell victim to this security breach.
Incident Alert: Loopring Smart Wallets Compromised
A few hours ago, some Loopring Smart Wallets were targeted in a security breach. The attack exploited wallets with only one Guardian, specifically the Loopring Official Guardian. The hacker initiated a Recovery process,… pic.twitter.com/Y9mYC4j9QJ
— Loopring (@loopringorg) June 9, 2024
The malicious actor circumvented Loopring’s authorized Guardian services by impersonating wallet owners. This allowed them to initiate unauthorized recoveries on wallets that relied solely on the compromised Guardian without the permission of the actual users.
By specifically targeting the Official Guardian and 2FA service, the attacker siphoned substantial assets from several wallets.
Loopring and blockchain audit firm Cyvers Alert identified and publicly shared the two malicious wallets. Onchain data from Etherscan revealed that one of the hacker’s wallets seized about $5 million worth of assets from the compromised wallets. The wallet has already swapped the crypto for ETH and still holds 1,373 ETH worth $5 million.
It is important to note that not all wallets were exposed. Wallets employing multiple guardians or alternative third-party guardians were not affected by the recent exploit.
Commitment to Protect Investors
Loopring announced on their X platform that they are working with Mist security experts and law enforcement agencies to determine how their two-factor authentication service was compromised and to track down the malicious actors.
To protect users, Loopring has temporarily suspended all Guardian-related and 2FA-related operations, which has since stopped the compromise. The network encourages anyone with additional information about the exploit to come forward and commits to providing updates as the investigation progresses.
As per their report, they remain steadfast in showing their commitment to safeguarding the interests of their users.
According to data from Coingecko, Loopring’s native token, LRC, experienced a slight reaction when news of the attack emerged. It is currently trading at $0.2199, reflecting a 2.7% decrease in the past 24 hours and an 18% decrease over the past 7 days.