HomeEthereumLoopring Wallet Breach: Understanding the Exploitation

Loopring Wallet Breach: Understanding the Exploitation

-



Loopring, an Ethereum ZK-Rollup protocol, reported on June 9 that some of its smart wallets were exploited for an undisclosed sum.

Following the news, Loopring’s LRC token dropped by approximately 4%, hitting a four-month low of $0.21, according to CryptoSlate’s data.

$5 million lost

Blockchain security firm Cyvers Alert reported that the breach led to the theft of approximately 1,373 ETH, valued at $5 million.

Loopring had previously described its smart wallets as the “most secured wallets” on the Ethereum blockchain because they possess security measures designed to protect against asset theft.

However, the firm explained that its two-factor authentication service was compromised, allowing the malicious actor to initiate a recovery process, reset ownership, and withdraw assets. Loopring stated:

“The attack succeeded by compromising Loopring’s Two-Factor Authentication (2FA) service, allowing the hacker to impersonate the wallet owner and gain approval for the Recovery from the Official Guardian. Subsequently, the attacker transferred assets out of the affected wallets.”

Meanwhile, Loopring said it was working with blockchain security firm SlowMist to determine how its 2FA service was compromised. The team has temporarily suspended Guardian and other 2FA-related operations. It added:

“Loopring is working with law enforcement and professional security teams to track down the perpetrator. We will continue to provide updates as soon as the investigation progresses.”

Smart Wallets

This breach occurs when smart wallets are gaining traction in the Ethereum community.

Over the past year, support for smart wallets has surged following the Ethereum Foundation’s ERC-4337 account abstraction going live on the Ethereum mainnet. This technology allows users to customize their digital asset management.

Prominent figures like Vitalik Buterin and organizations like Coinbase have backed this technology, which is expected to be part of the upcoming Pectra hard fork.

However, decentralization advocate Chris Blec noted that the Loopring incident demonstrates that “smart wallets are not ready for prime-time,” advising users to “stick with properly-secured seed phrases for maximum safety and sovereignty.”

Similarly, Pratik Kala, Head of Research at Liquid Digital Assets, commented:

“Smart wallets are the rave [at the moment] but new attack vectors come with new tech. We’ll get over it over time but be safe and use hardware wallets for [significant assets.]”

Mentioned in this article

LEAVE A REPLY

Please enter your comment!
Please enter your name here

LATEST POSTS

Dow holds firm while Big Tech pullback sinks S&P 500. Here’s why the market can take it.

A sharp pullback by the same megacap tech stocks that have driven a robust 2024 rally was dragging down the S&P 500 and the...

XRP Lawyer Debunks Ripple-SEC Settlement Rumor For Tomorrow

A rumor claiming a potential settlement between Ripple and the US Securities and Exchange Commission (SEC) scheduled for a closed meeting on July 18...

Worldcoin (WLD) Price Spikes Over 55% but ZachXBT Issues Caution to Investors

The Wordcoin (WLD) community recently surpassed 6 million users, thus fueling the ongoing bullish rebound. Worldcoin (WLD), a Web3 project incubated by OpenAI CEO Sam...

Bitcoin Price Prediction: BTC Breaks $65K As Craig Wright Admits He’s Not Satoshi Nakamoto And Investors Flock To This Learn-To-Earn Crypto For Its 696%...

Join Our Telegram channel to stay up to date on breaking news coverage The Bitcoin price soared 2% in the last 24 hours to trade...

Most Popular