Loopring, an Ethereum-based ZK-rollup protocol, encountered a significant security breach on Sunday, leading to losses in the millions of dollars.
The attack exploited a vulnerability in Loopring's Guardian wallet recovery service, specifically targeting the two-factor authentication (2FA) process.
After the Hack, Loopring Cooperates with Experts and Authorities
Loopring's Guardian service enables users to designate trusted wallets for various security tasks, such as locking a compromised wallet or restoring one if the seed phrase is lost. However, the attacker managed to bypass this service, performing unauthorized wallet recoveries with a single guardian.
The vulnerability in Loopring's 2FA service allowed the attacker to impersonate the wallet owner, gaining approval for the recovery process, resetting ownership, and withdrawing assets from the affected wallets. Notably, the exploit primarily affected wallets that did not have multiple or third-party guardians.
The team has identified two wallet addresses involved in the breach. On-chain data reveals that one wallet drained approximately $5 million from the compromised wallets; the drained assets have now been fully swapped to Ethereum (ETH).
Loopring stated that they are working with Mist security experts to uncover the method used by the attacker to compromise their 2FA service. To safeguard users, Guardian-related and 2FA-related operations have been temporarily suspended, which ultimately halted the compromise.
“Loopring is working with law enforcement and professional security teams to track down the perpetrator. We will continue to provide updates as soon as the investigation progresses,” the team added.
This incident follows a recent data breach at crypto market data aggregator CoinGecko, which occurred through its third-party email service provider, GetResponse.
On June 5, the attacker compromised the account of a GetResponse employee and exported nearly 2 million contacts from CoinGecko's account.
Subsequently, the attacker sent 23,723 phishing emails using the account of another GetResponse client. However, it's important to note that the malicious actors did not use CoinGecko's domain to send harmful emails.
CoinGecko also reassured its users that the breach did not compromise their accounts and passwords. Nevertheless, the leaked data included users' names, email addresses, IP addresses, and the locations where emails were opened.
In response to the breach, CoinGecko advised users to remain vigilant, particularly regarding emails offering airdrops. The platform also highlighted the importance of avoiding links or email attachments from unfamiliar senders and adhering to recommended security measures.