Loopring Works with Experts and Authorities After Hackers Exploit 2FA Flaw, Causing Millions of Dollars in Losses

2024/06/10 18:00

Loopring, an Ethereum-based ZK-rollup protocol, encountered a significant security breach on Sunday, leading to losses in the millions of dollars.

The attack exploited a vulnerability in Loopring's Guardian wallet recovery service, specifically targeting the two-factor authentication (2FA) process.

After the Hack, Loopring Cooperates with Experts and Authorities

Loopring's Guardian service enables users to designate trusted wallets for various security tasks, such as locking a compromised wallet or restoring one if the seed phrase is lost. However, the attacker managed to bypass this service, performing unauthorized wallet recoveries with a single guardian.

The vulnerability in Loopring's 2FA service allowed the attacker to impersonate the wallet owner, gaining approval for the recovery process, resetting ownership, and withdrawing assets from the affected wallets. Notably, the exploit primarily affected wallets that did not have multiple or third-party guardians.

The team has identified two wallet addresses involved in the breach. On-chain data reveals that one wallet drained approximately $5 million from the compromised wallets; the stolen funds have now been fully swapped to Ethereum (ETH).

Loopring stated that they are working with Mist security experts to uncover the method used by the attacker to compromise their 2FA service. To safeguard users, Guardian-related and 2FA-related operations have been temporarily suspended, which ultimately halted the compromise.

“Loopring is working with law enforcement and professional security teams to track down the perpetrator. We will continue to provide updates as soon as the investigation progresses,” the team added.

This incident follows a recent data breach at crypto market data aggregator CoinGecko, which was accessed through its third-party email service provider, GetResponse.

On June 5, the attacker compromised the account of a GetResponse employee and exported nearly 2 million contacts from CoinGecko's account.

Subsequently, the attacker sent 23,723 phishing emails using the account of another GetResponse client. However, it's important to note that the malicious actors did not use CoinGecko's domain to send harmful emails.

CoinGecko also reassured its users that the breach did not compromise their accounts and passwords. Nevertheless, the leaked data included users' names, email addresses, IP addresses, and the locations where emails were opened.

In response to the breach, CoinGecko advised users to remain vigilant, particularly regarding emails offering airdrops. The platform also highlighted the importance of avoiding links or email attachments from unfamiliar senders and adhering to recommended security measures.
