According to Odaily, a few hours ago, several Loopring smart wallets were compromised due to a security vulnerability. The attackers exploited wallets that only had one guardian, specifically the official Loopring guardian. The hackers initiated the recovery process, impersonating the wallet owners to reset ownership and extract assets.
The attack successfully infiltrated Loopring's 2FA service, allowing the hackers to pose as the wallet owners and gain recovery approval from the official guardian. Subsequently, the attackers transferred assets out of the affected wallets. Loopring is currently actively collaborating with Mist security experts to determine how their 2FA service was breached. To protect users, operations related to Guardian and 2FA have been temporarily suspended.
Loopring is working with law enforcement agencies and professional security teams to track down the perpetrators. Updates will be provided as the investigation progresses. The hacker addresses involved are: 0x44f887cfbd667cb2042dd55ab1d8951c94bb0102 0xbacef3a142e39f14f4f15e22e9248ee4141af18f.