Animoca Brands' Lympo NFT Platform Hacked, Losing $18.7M

Sports NFT minting platform and Animoca Brands subsidiary Lympo suffered a hot wallet security breach and lost 165.2 million LMT tokens, worth $18.7 million at the time of the hack.

A brief update posted by the Lympo team on Medium states that on Jan. 10, hackers managed to gain access to Lympo’s hot wallet and “stolen a total of approximately 165.2 million LMT from it.”

According to the post, 10 different project wallets were compromised in this attack. It appears that most of the stolen tokens were sent to an address, exchanged for ETH on Uniswap and Sushiswap, and then sent elsewhere.

LMT’s price plummeted 92 percent to $0.0093 after hackers moved and sold the stolen funds from the project’s hot wallet.

The team later tweeted on Jan. 11 that they were "working to stabilize the situation and resume all operations." The team also stated that it had removed liquidity LMT from the liquidity pool to "minimize impact on Disruption of token prices”.

Lympo provided an update on the LMT token drop and hack that occurred at approximately 12:32 UTC on January 10. We are working to stabilize the situation and resume all operations.

— Lympo.io - Crypto Community (@Lympo_io) January 10, 2022

The removal of liquidity from the pools trading LMT means that traders will not be able to buy or sell any large amounts of tokens without experiencing a huge loss in value on their trades.

Earlier on Jan. 11, the team urged traders not to buy or sell any LMT tokens while their investigations are completed and the next best course of action is determined.

Lympo, a subsidiary of Animoca Brands, may benefit from the intervention of the Animoca team. Animoca CEO Yat Siu told Cointelegraph, “We are working with Lympo to assist them in their recovery plan, but we don’t have any specific mechanism.”

Second hot wallet hack this week

A hot wallet on centralized cryptocurrency exchange LCX also suffered a security breach, resulting in a loss of nearly $7 million on Jan. 8. In that incident, hackers stole 8 different crypto assets.

LCX lost varying amounts of MKR, ENJ, LINK, QNT, SAND, ETH, LCX, and USDC. Most of the funds were converted into ETH and then sent to Tornado Cash, a privacy tool designed to hide the origin and destination of the ETH.

The LCX team released an update on January 10, assuring users that they will be compensated and that no personal data was compromised during the attack. The team wrote:

"LCX will use our own funds to cover this incident and compensate affected users. There will be no impact on users' LCX balances."

Cointelegraph Chinese is a blockchain news information platform, and the information provided only represents the author's personal opinion, has nothing to do with the position of the Cointelegraph Chinese platform, and does not constitute any investment and financial advice. Readers are requested to establish correct currency concepts and investment concepts, and earnestly raise risk awareness.