Loopring’s X account remained compromised at press time, with the exploiters publishing multiple malicious links promoting a fake LRC airdrop.
The X page of Ethereum layer-2 network Loopring was compromised on Nov. 20, allowing phishing scammers to publish at least 10 tweets containing harmful links to an illegitimate airdrop for LRC, the project’s native token.
According to blockchain security firm CertiK, the links redirected users to a known wallet drainer connected to other phishing campaigns. The exploit lasted all day and the Loopring team was yet to regain control of their account as of press time.
It’s unknown if LRC users or would-be airdrop claimants have suffered any losses. Loopring had over $98 million in total value locked when the project’s X account was hijacked, DefiLlama data showed.
The incident highlights a broader anti-security campaign in cyberspace targeting cryptocurrencies and blockchain-related projects. Analytics provider Dune also halted its platform due to a surge of inorganic traffic but swiftly resumed operations.
Phishing scammers have launched attacks against several crypto platforms like NFT marketplace OpenSea and hard wallet maker Trezor. Decentralized social network Friend.Tech warned users against a group of scammers posing as crypto journalists, as crypto.news reported.
Nearly $27 million stolen by phishers in November 2023 also contributed to over $173 million in estimated losses incurred by cryptocurrency participants, with exploiters rarely returning the funds and instead opting to launder the proceeds through privacy protocols like Tornado Cash.
Projects like JPEG’d have warned users to maintain vigilance against hackers while platforms like Binance and Tether reportedly assisted authorities in recovering millions of funds stolen from victims via crypto scams.