In a recent cyber incident, Layerswap, a platform facilitating seamless cryptocurrency transfers, fell prey to a domain hijack, leading to a phishing scam that resulted in approximately $100,000 worth of crypto assets being stolen from around 50 users. However, Layerswap has swiftly responded with a commendable commitment to refund all affected users in full, coupled with a 10% bonus to compensate for the inconvenience caused by the attack.
On March 20, at approximately 7:40 UTC, Layerswap encountered a significant security breach involving its domain, layerswap.io. Malicious actors compromised Layerswap's GoDaddy account, manipulating the domain's DNS settings to redirect traffic to a phishing site when users attempted to access Layerswap's website. Despite the unauthorized attempt to reset Layerswap's account password, which fortunately failed due to the enabled two-factor authentication (2FA), approximately 50 individuals succumbed to the phishing scam, resulting in the collective loss of $100,000 worth of assets.
Upon detecting the breach, Layerswap promptly sought assistance from GoDaddy Support. However, delays in response from the domain registrar prolonged the hacker's control over the domain. Despite encountering initial obstacles, Layerswap successfully regained access to their GoDaddy account by 11:07 p.m. UTC, enabling them to reverse the hacker's alterations and regain control of their domain.
In a proactive stance, Layerswap has embarked on full reimbursement for affected users, coupled with an additional 10% bonus to mitigate the inconvenience caused by the security breach. This swift and transparent response underscores Layerswap's commitment to safeguarding its users' assets and maintaining trust amidst challenging circumstances.
While Layerswap's incident highlights the persistent threat of crypto scams, recent reports shed light on the broader landscape. Despite a notable decrease in large-scale victims, February 2024 witnessed significant cryptocurrency losses totaling $46.86 million due to scams, with over 57,000 individuals falling victim to various phishing schemes. Ethereum mainnet emerged as the most affected, underscoring the urgency for heightened vigilance and robust security measures within the cryptocurrency ecosystem.
Layerswap's swift resolution of the domain hijack incident sets a commendable precedent in the face of cybersecurity challenges. As the cryptocurrency landscape evolves, proactive measures and collaborative efforts remain imperative to safeguarding user assets and fostering trust in the digital realm.