A bridge between centralized crypto exchanges and Layer-2 blockchain ecosystems, Layerswap regained access to its domain after a brief takeover that drained approximately $100,000 from users’ funds. Around 22:40 on March 20th, the Layerswap website was hijacked, and users attempting to access the service were redirected to a phishing website.
Layerswap Team Responds Promptly
Minutes after the incident, a hacker tried to reset Layerswap’s X account, which completely locked access to its social media account. According to the Layerswap team, the slow response from the domain registrar GoDaddy allowed the hacker to maintain control of the domain for a longer period. Layerswap regained the ability to log into their GoDaddy account and reverse the hacker’s changes around 02:07 on March 21st. The company stated the following:
“We contacted GoDaddy’s support team to understand how the breach occurred but did not receive concrete answers. We agreed to receive a detailed report via email, which we plan to share with our community for transparency.”
Layerswap phishing scam successfully withdrew about $100,000 from nearly 50 users’ crypto assets. The platform plans to fully reimburse affected users and offer an additional 10% reward as compensation for the inconvenience caused.
DeFi Space and Security Issues
To prevent further loss of funds, investors were advised to cancel their token approvals to claim lost funds and assets. Layerswap has now initiated the reimbursement process for affected users. Along a similar timeline, the decentralized finance (DeFi) platform ParaSwap recently prevented a significant loss of funds due to a security vulnerability in the addressed Augustus v6 contract.
ParaSwap’s efforts to revert the v6 contract and inform users of necessary steps notwithstanding, a hacker managed to withdraw approximately $24,000 in crypto assets from four different addresses.
In total, 386 addresses were affected by the security vulnerability. The protocol also asked users to report any loss of funds that may not have been detected during the preliminary investigation. Affected users remain at risk until they cancel their approvals, and ParaSwap recommends using control services like Revoke to confirm their security.
