Loopring Hit by $5 Million Hack Through 2FA Breach
The ZK protocol based on Ethereum, Loopring, has suffered a hacker attack. The attacker stole $5 million from compromised wallets, withdrawing the funds in Ethereum.
On this page
The ZK protocol based on Ethereum, Loopring, has suffered a hacker attack. The attacker stole $5 million from compromised wallets, withdrawing the funds in Ethereum.
Unlike non-custodial crypto wallets, where owners are responsible for their funds' security, Loopring allows the creation of wallets with multiple guardians. This setup permits access recovery if the primary private key is lost. Guardians can include the user’s wallet, friends' wallets, or even a trusted firm (including Loopring itself). Thus, access recovery requires the consent of the majority of guardians rather than a seed phrase.
The hacker breached Loopring’s two-factor authentication (2FA) system, allowing them to impersonate the wallet owners. The fraudster then used the access recovery feature to withdraw funds. The affected wallets had a single guardian: Loopring Official Guardian. By deceiving project employees through the compromised 2FA, the hacker secured their consent to access the wallets.
The Loopring team is currently collaborating with analysts from SlowMist to trace the hacker and recover the stolen funds.
The content on The Coinomist is for informational purposes only and should not be interpreted as financial advice. While we strive to provide accurate and up-to-date information, we do not guarantee the accuracy, completeness, or reliability of any content. Neither we accept liability for any errors or omissions in the information provided or for any financial losses incurred as a result of relying on this information. Actions based on this content are at your own risk. Always do your own research and consult a professional. See our Terms, Privacy Policy, and Disclaimers for more details.
Articles by this author
