Layerswap successfully counteracts cyberattack that resulted in $100K loss

Layerswap, a platform that acts as a link between centralized crypto exchanges and layer-2 blockchains, recently experienced a temporary hijack of its domain that resulted in the loss of around $100,000 worth of user funds. On March 20, at approximately 19:40 UTC, the layerswap.io domain was compromised, redirecting users to a phishing website when they tried to access the service. Shortly after, the hacker attempted to reset Layerswap’s X account, effectively locking out access to the social media account. It was revealed that the slow response from domain registrar GoDaddy allowed the hacker to maintain control of the domain for an extended period. However, at around 11:07 pm UTC, Layerswap regained access to its GoDaddy account and reversed the changes made by the hacker. In response to the incident, Layerswap has committed to fully refunding the affected users and offering an additional 10% as compensation for the inconvenience caused. It is advised that investors revoke their token approvals to prevent further loss of funds and claim any lost funds and assets. Layerswap has already begun the process of refunding affected users. As of now, Layerswap has not provided any comment in response to Cointelegraph’s request for further information. In a separate incident, decentralized finance (DeFi) aggregator ParaSwap narrowly avoided a significant loss of funds due to a vulnerability in its newly deployed Augustus v6 contract. Despite ParaSwap’s efforts to roll back the contract and inform users, the hacker managed to cash out approximately $24,000 from four different addresses. A total of 386 addresses were affected by the vulnerability, and ParaSwap has urged users to report any unidentified loss of funds. To ensure their safety, individuals are advised to revoke their approvals and use exploit checker services like Revoke.