$100k stolen funds to be refunded as Layerswap domain hijack comes to an end

Layerswap, a platform that facilitates transactions between centralized cryptocurrency exchanges and layer-2 blockchains, has successfully regained control over its domain following a brief hijacking incident. This security breach resulted in the loss of approximately $100,000 from users. The incident occurred on March 20 at 19:40 UTC when the layerswap.io domain was taken over, redirecting users to a phishing site. Additionally, the attacker attempted to reset Layerswap’s social media account on platform X, effectively locking the company out.

According to Layerswap, the slow response from GoDaddy allowed the hacker to maintain control of the domain for an extended period. However, at around 23:07 UTC, LayerSwap regained access to their GoDaddy account and reversed the hacker’s changes. The company has engaged with GoDaddy support to understand how the breach occurred and plans to share a detailed report with its community for transparency.

The sophisticated Layerswap phishing scheme resulted in the draining of around $100,000 in cryptocurrency holdings from approximately 50 individuals. In response, the company has committed to fully reimbursing the affected users and offering an additional 10% as compensation for the inconvenience. Layerswap has also advised investors to revoke their token authorizations as a precautionary measure to prevent further losses and has initiated the refund process for those impacted.

In a separate incident on March 20, hardware wallet provider Trezor was also targeted in a sophisticated cyberattack, resulting in a loss of at least $8,100. Cybercriminals sent deceitful messages about a non-existent “$TRZR” token presale on the Solana Network, leading Trezor’s followers to fraudulent websites designed to drain wallets.

These security breaches have drawn attention to the increasing involvement of North Korea in cyberattacks, as highlighted in a report by the United Nations Security Council. The report reveals that North Korea has earned nearly $3 billion through cyber heists, emphasizing the vulnerabilities present in the cryptocurrency sector’s security measures.