Layerswap hack: $100k lost, users to be fully refunded

Layerswap hack: $100k lost, users to be fully refunded

By Charles Thuo - min read
  • Layerswap’s domain, layerswap.io, was hijacked, leading to a phishing scam and $100,000 loss.
  • Despite delays, Layerswap regained control, pledged full refunds, and offered a 10% bonus.
  • Crypto scams remain prevalent, with $46.86 million lost in February 2024 alone.

On March 20th, around 7:40 PM UTC, Layerswap’s domain, layerswap.io, fell victim to a significant security breach.

Malicious actors compromised Layerswap’s GoDaddy account, altering the domain’s DNS settings, and redirecting traffic to a phishing site.

Despite swift action, around 50 users fell prey to the scam, collectively losing $100,000 in assets.

Layerswap has recovered the domain

Despite encountering delays, Layerswap regained access to their GoDaddy account by 11:07 PM UTC, enabling them to reverse the hacker’s modifications and regain control of their domain.

The company has taken proactive measures, fully refunding affected users and offering an additional 10% as compensation for the inconvenience caused by the security breach.

Scam Sniffer’s insights on crypto scammers

According to Scam Sniffer, February 2024 witnessed significant losses of $46.86 million in cryptocurrencies due to scams, with over 57,000 individuals falling victim to various phishing schemes.

Notably, there was a 75% decrease in victims losing over $1 million compared to January 2024. Despite efforts to combat scams, vulnerabilities persist, as seen in ParaSwap’s recent incident, where a hacker managed to cash out funds worth approximately $24,000.

The Layerswap incident serves as a stark reminder of the persistent threat posed by cybercriminals in the cryptocurrency space.

While Layerswap’s swift response and commitment to refund affected users are commendable, it underscores the need for enhanced security measures and user awareness within the crypto community.