Layerswap, a platform facilitating cryptocurrency transfers between centralized exchanges and layer-2 blockchains, encountered a domain hijacking incident resulting in a phishing scam that led to the loss of approximately $100,000 worth of crypto assets from about 50 users.
In a commendable response, Layerswap has committed to fully reimburse the affected users for their stolen funds. Moreover, they have pledged to provide a 10% bonus as compensation for the inconvenience caused by the attack.
Layerswap Hit by Domain Hijacking and Phishing Attack, Commits to Reimbursing Users On March 20 around 7:40 UTC, a significant security breach occurred involving the layerswap.io domain. Malicious actors compromised Layerswap’s GoDaddy account, allowing them to manipulate the domain’s DNS settings. This led to traffic being redirected to a phishing site when users attempted to access Layerswap’s website. The attackers also altered the domain owner’s email address, gaining full control over DNS and associated email services. Although an attempt was made to reset Layerswap’s X account password at 7:42 pm UTC, the 2FA-enabled login thwarted both the company and the attackers. Nevertheless, the compromise resulted in approximately 50 individuals falling victim to the scam and collectively losing around $100,000 worth of assets.
At 7:45 p.m., Layerswap promptly reached out to GoDaddy Support for assistance, encountering delays in response. Initially, GoDaddy indicated a 12-hour response time, later reduced to 3 hours. This delayed response allowed the hacker to maintain control over the domain for an extended period.
By around 10:21 pm, Layerswap received instructions from GoDaddy on resetting the account password. However, the account was found locked, and the attackers had once again changed the associated email address.
Fortunately, by 11:07 p.m. UTC, Layerswap regained access to their GoDaddy account, enabling them to reverse the hacker’s alterations and regain control of their domain.
In response to the impact on affected users, Layerswap has taken proactive measures, fully reimbursing the affected users and offering an additional 10% as compensation for the disruption caused by the security breach.
Crypto Scammers Remain Active: $46 Million Lost in February Despite Fewer Large Victims According to a report by Cryptonews, Scam Sniffer revealed that February 2024 witnessed a substantial loss of $46.86 million in cryptocurrencies due to scams. Over 57,000 individuals fell victim to various phishing scams during this period. Notably, there was a significant 75% decrease in victims losing over $1 million compared to January 2024.
The Ethereum mainnet accounted for over $36.2 million of the total losses, constituting 78% of the total exploits in February. Ethereum blockchain users comprised the largest group of victims, totaling 25,029 individuals.
On February 15 alone, over $6.2 million in digital assets were lost, indicating a notable spike in scam activities on that day.
In March, ParaSwap, a decentralized finance (DeFi) aggregator, faced a significant vulnerability in its newly deployed Augustus v6 contract. Despite immediate action to roll back the v6 contract and alert users, a hacker managed to cash out funds worth approximately $24,000 from four different addresses. This incident affected 386 addresses, prompting the protocol to urge users to report any unidentified loss of funds during the initial investigation.