Attackers exploit Guardian feature, stealing 1,373 ETH; Loopring suspends recovery process and advises users to review security settings.
The Ethereum Layer 2 protocol, Loopring, has recently faced a significant security breach that has sent ripples through the cryptocurrency community. This incident has raised serious concerns about the safety and security of assets stored in Loopring’s smart wallets.
Details of the Breach
Loopring reported that attackers exploited the recovery process of its smart wallets, specifically targeting the Guardian feature. By impersonating wallet owners, the attackers were able to reset wallet ownership and withdraw funds. This breach primarily affected wallets that had only one Guardian, particularly those using the Loopring Official Guardian.
As a result of this security lapse, Loopring has temporarily suspended the recovery feature and initiated a thorough investigation. They have also advised users to review their security settings and avoid using the recovery process until further notice.
Impact on Loopring and Its Users
The breach led to the theft of approximately 1,373 ETH, valued at around $5 million. This significant loss has had a direct impact on Loopring’s native token, LRC, which saw a drop of about 4%, reaching a four-month low of $0.21.
The compromise was attributed to a failure in Loopring’s Two-Factor Authentication (2FA) service. This allowed the attackers to impersonate wallet owners and transfer assets out of the compromised wallets. Loopring is now working closely with law enforcement and security teams to track down the perpetrators and has temporarily suspended Guardian and other 2FA-related operations.
