April 19, 2024
Latest Cryptocurrency News

Layerswap and ParaSwap: Recent Security Breaches Shake Crypto Users

On March 20, Layerswap.io, a crucial bridge between centralized crypto exchanges and layer-2 blockchains, fell victim to a domain hijack, resulting in a loss of approximately $100,000 in user funds. The breach occurred around 15:40 ET, redirecting users to a phishing site and attempting to reset Layerswap’s X account, leaving the social media account inaccessible.

Delayed Intervention and Phishing Scam

Layerswap pointed to domain registrar GoDaddy’s delayed response as a factor prolonging the hacker’s control. Notably, it wasn’t until 19:07 ET that Layerswap regained access to its GoDaddy account and reversed the changes made by the hijacker. Despite seeking clarifications from GoDaddy, Layerswap lamented the lack of concrete answers and awaited a detailed report, which they pledged to share with their community for transparency.

Recovery Efforts and Compensation Plans

The sophisticated phishing scam impacted approximately 50 users, prompting Layerswap to commit to fully refunding affected users and offering an additional 10% as compensation for the inconvenience caused. Layerswap urged investors to revoke their token approvals promptly to mitigate further losses and initiated the process of refunding affected users. However, Layerswap did not immediately respond to requests for comments from Cointelegraph.

ParaSwap Faces Vulnerability, Prevents Substantial Losses

In a parallel incident, decentralized finance (DeFi) aggregator ParaSwap narrowly averted significant losses due to a vulnerability in its newly deployed Augustus v6 contract. Despite efforts to roll back the v6 contract and warn users, the hacker still managed to siphon off around $24,000 from four different addresses, affecting a total of 386 addresses.

386 wallet addresses identified by ParaSwap as being affected by the Augustus v6 contract vulnerability. Source: paraswap.notion.site

User Safety Measures

ParaSwap advised affected users to report any unidentified losses and emphasized the importance of revoking approvals to safeguard against further risks. The protocol recommended utilizing exploit checker services like Revoke to ensure user safety in the aftermath of the incident.

Image by freepik

Related posts

Altman and Brockman Join Microsoft After Leaving OpenAI

Harper Hall

Crypto Security Alert: $997 Million Lost to Exploits, Hacks, and Scams in 2023

Kevin Wilson

Citi Successfully Tests Tokenization of Traditional Finance Assets on Blockchain

Eva Moore

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More