Layerswap, the vital link between centralized crypto exchanges and layer-2 blockchains, has triumphantly reclaimed its domain after a short-lived hijack drained roughly $100,000 of user funds.
On the fateful day of March 20, at approximately 19:40 UTC, layerswap.io fell victim to a domain compromise, redirecting unsuspecting users to a malicious phishing site.
Adding insult to injury, the hacker attempted to wrest control by resetting Layerswap’s vital Twitter account, effectively cutting off access to their social media.
In a gripping turn of events, Layerswap’s recovery was hindered by GoDaddy’s sluggish response, prolonging the hacker’s grasp on the domain until 23:07 UTC. However, with steely determination, Layerswap regained access, undoing the hacker’s misdeeds and restoring order.
Yet, amidst this chaos, Layerswap remains committed to transparency and accountability. Despite GoDaddy’s silence on the breach’s origins, Layerswap vows to share a detailed report with the community, shedding light on the incident.
The toll was heavy: $100,000 siphoned from the wallets of around 50 users. But Layerswap rises to the occasion, promising full refunds to those affected, along with an additional 10% as a token of appreciation for their patience and understanding.
Along a similar timeline, ParaSwap’s Augustus v6 contract had a vulnerability, leading to potential losses for 386 wallet addresses. Despite efforts to roll back the contract and notify users, the hacker withdrew around $24,000 from four addresses.
Also Read: Hacker Exploits Flaw in Dolomite Project, Steals $1.8M in USDC
