Blockchain Protocol Loopring Announced a $5M Security Breach

Loopring, a smart wallet application on Ethereum that advocates for privacy rights, ran into security trouble with its 'Guardian' two-factor authentication (2FA) service, the company said on Sunday.
Guardian allows users to designate trusted parties to help with tasks like locking wallets with invalid keys and recovering lost seed phrases.
Yet a hacker was able to bypass Loopring’s Official Guardian to initiate recoveries without user consent. The good news is users with 2 of 3 or 3 of 5 Multisig Wallets, where BitGo held 1 key, were not affected.
Loopring said it traced the hack to two wallet addresses, one of which siphoned off about $5 million in tokens.
The protocol has put a pause on any Guardian related operations for the meantime and it did ask security professionals to assist in digging deeper into the compromise.
READ MORE: Norwegian Government Recovers $5.7 Million Linked to Ronin Exploit
Law enforcement cooperation began tracing the offender and Loopring encourages everyone to share as much as related information.
While the event might have been unexpected for the team, Loopring’s own risk disclosure had warned of possible weaknesses in its Guardian service – recommending that users setup multiple guardians for added security.