Layerswap — a bridge between centralized crypto exchanges and layer-2 blockchains — regained access to its domain after a short-lived hijack that drained roughly $100,000 of users’ funds.
On March 20, at around 19:40 UTC, the layerswap.io domain was compromised, and users trying to access the service were redirected to a phishing website. Moments later, the hacker attempted to reset Layerswap’s X account, which locked out access to the social media account completely.
According to Layerswap, domain registrar GoDaddy’s sluggish intervention allowed the hacker to retain longer control of the domain. At around 23:07 UTC, LayerSwap regained the ability to log into their GoDaddy account and reset the changes made by the hacker. The company stated:
“In pursuit of understanding how the breach occurred, we engaged with GoDaddy support for explanations but were left without concrete answers. We agreed to receive a detailed report via email, which we plan to share with our community for transparency.”
The elaborate Layerswap phishing scam managed to drain approximately $100,000 in crypto assets from roughly 50 users. The platform plans to fully refund the affected users and reward an additional 10% as compensation for the inconvenience caused.
Investors are advised to revoke their token approvals to prevent further loss of funds and claim lost funds and assets. Lyerswap has now started the process of refunding affected users.
LayerSwap did not immediately respond to Cointelegraph's request for comment.
Related: GoDaddy to charge $0 for ENS .eth name pairing
Along a similar timeline, decentralized finance (DeFi) aggregator ParaSwap prevented a colossal loss of funds that stemmed from a vulnerability present in its newly deployed Augustus v6 contract.
Despite ParaSwap’s efforts to roll back the v6 contract and inform users to take necessary steps, the hacker managed to cash out funds worth roughly $24,000 from four different addresses.
In total, 386 addresses were affected by the vulnerability. The protocol also asked users to report any loss of funds that may have gone unidentified during the preliminary investigation.
Affected users remain at risk as long as they haven’t revoked their approvals, and ParaSwap recommends individuals use exploit checker services like Revoke to confirm their safety.
Magazine: Bitcoin ETFs make Coinbase a ‘honeypot’ for hackers and governments: Trezor CEO
