The altcoin team reported that some users have suffered losses due to a vulnerability in their wallet services.
Loopring (LRC), a zkEVM protocol that is built on #Ethereum and boasts of having “the most secure Ethereum wallet,” has announced a security breach related to its Guardian two-factor authentication service.
The Guardian service allows users to identify trusted individuals or institutions in their wallets to assist with security operations such as blocking a compromised wallet or recovering a wallet if the seed phrase is lost. However, the hacker managed to bypass the official Guardian Loopring service and initiate wallet recovery using this service without users' permission.
According to the Loopring website, more than half of custodial wallets are required to initiate transactions. Thus, wallets that used multiple protectors or another third-party protector were protected from the vulnerability.
Loopring shared the addresses of two wallets that it claimed were involved in the security breach. Blockchain data shows that one wallet managed to withdraw approximately $5 million worth of tokens from the affected wallets.
“We are actively working with Mist security experts to determine how our 2FA service was compromised. To protect our users, we have temporarily suspended operations related to Guardian and 2FA. Following this action, the vulnerability was resolved,” Loopring said in a statement.
Protocol also said it is working with law enforcement to track down the attacker and asked anyone with more information about the attack to share it with them.
You can also subscribe to the blog. Here we will publish new articles, videos and other materials that will help you earn money.