Layerswap, a digital bridge connecting centralized cryptocurrency exchanges to Layer-2 networks, successfully reclaimed its domain after facing a phishing attack that led to an estimated loss of $100,000 for users. On the evening of March 20th, the Layerswap website was compromised, rerouting users to a fraudulent site.
Effective Crisis Management
In the wake of the breach, an unauthorized party attempted to reset one of Layerswap’s essential accounts, which resulted in the temporary loss of their social media presence. The delayed action of the domain provider GoDaddy prolonged the hacker’s control. However, Layerswap restored its access and control over the domain by the early hours of March 21st. The team has announced they will share details of the incident for clarity once they receive further information from GoDaddy.
The scam affected roughly 50 users, who will receive full compensation for the stolen funds plus an additional 10% reward. Layerswap has emphasized its commitment to its community by ensuring all impacted parties will be refunded.
Challenges for DeFi Security
To safeguard against further unauthorized transactions, investors were urged to retract their token approvals. Concurrently, the DeFi platform ParaSwap addressed a security flaw that could have led to significant financial losses. ParaSwap took swift action to secure funds and advised users on precautionary steps to take, although a smaller scale theft of $24,000 did occur.
With 386 addresses compromised by the security gap, ParaSwap has continued to urge users to report any undetected losses and to verify their account security, highlighting the ongoing risks in the DeFi space and the importance of vigilant security measures.