Loopring suffers $5 million hack after 'Guardian' two-factor authentication service is compromised
Quick Take
- Loopring, the ZK-rollup based protocol built on Ethereum, had its two-factor authentication based Guardian wallet recovery service compromised in a hack, the company recently disclosed.
- About $5 million was drained from wallets protected by Loopring’s Guardian service, blockchain data shows.
Loopring, the zkEVM protocol built on Ethereum with a website that bills its smart wallet application as "Ethereum's most secure wallet," suffered a security breach related to its 'Guardian' two-factor authentication service, the protocol announced on Sunday.
Through the Guardian service, users can elect to name wallets of trusted individuals or institutions to assist in security operations such as locking a compromised wallet or restoring one if the seed phrase is lost. However, a hacker managed to bypass Loopring's own Official Guardian service to instigate recoveries on wallets with that single guardian without the users' permission, Loopring disclosed in its announcement. As more than half of guardians are needed to instigate transactions, according to Loopring's website, wallets that used multiple guardians or a different, third-party guardian were protected from the exploit.
Loopring also shared two wallet addresses the protocol says were involved in the security breach. Blockchain data shows one wallet was able to drain about $5 million worth of tokens from the affected wallets.
"We are actively collaborating with Mist security experts to determine how our 2FA service was compromised. To protect our users, we have temporarily suspended Guardian-related and 2FA-related operations. Following this action, the compromise has ceased," the protocol wrote in its announcement on X. Loopring was unable to be immediately reached for comment by The Block.
Loopring also reported that it's working with law enforcement to trace the perpetrator and requested that anyone with additional information about the hack share it with the protocol.
While the attack was likely a surprise for the team, Loopring's risk disclosure statement identifies a compromise to its Guardian service as a potential attack vector, and recommends users identify at least three guardians. "After your Wallet is created, we will add Loopring Official Guardian service to your Wallet by default. As a centralized service, Loopring Official Guardian may be attacked and controlled by hackers," Loopring's website reads.
Loopring's native token has fallen about 5% in the last 24 hours following the protocol's disclosure of the hack, according to The Block's Price Page.
Disclaimer: The Block is an independent media outlet that delivers news, research, and data. As of November 2023, Foresight Ventures is a majority investor of The Block. Foresight Ventures invests in other companies in the crypto space. Crypto exchange Bitget is an anchor LP for Foresight Ventures. The Block continues to operate independently to deliver objective, impactful, and timely information about the crypto industry. Here are our current financial disclosures.
© 2025 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
