The sports NFT minting platform suffered from a hot wallet security breach across several project wallets losing $18 million in its native LMT tokens.
1594 Total views
54 Total shares
Sports NFT minting platform and Animoca Brands subsidiary Lympo suffered from a hot wallet security breach and lost 165.2 million LMT tokens worth $18.7 million at the time of the hack.
A short Medium update from the Lympo team stated that on Jan. 10 hackers managed to gain access to Lympo’s operational hot wallet and “stole a total of approximately 165.2 million LMT from it.”
According to the post, ten different project wallets were compromised in the attack. It appears that most of the stolen tokens were sent to a single address, swapped for Ether (ETH) on Uniswap and Sushiswap, then sent elsewhere.
LMT price tumbled 92% to $0. 0093 after hackers transferred then sold the loot from the project’s hot wallets.
A subsequent Jan. 11 tweet from the team stated that they were “working on stabilizing the situation and resuming all operations back to normal.” The team also stated that it had removed liquidity LMT from liquidity pools to “minimize disruption to token prices.”
#Lympo provides an update on the $LMT token slippage and hacking that occurred on January 10th at approximately 12: 32 pm UTC. We are working to stabilize the situation and bring back normal operations. https://t.co/i07w5zoOwW@animocabrands
— Lympo.io – Crypto Community (@Lympo_io) January 10, 2022
Traders will be unable to trade LMT tokens without losing significant liquidity.
Early on Jan. 11, the team urged traders to refrain from buying or selling any LMT tokens while they completed their investigation and determined the next best course of action. Lympo, a subsidiary of Animoca Brands may be able to benefit from an intervention by the Animoca team. Animoca CEO Yat Siu told Cointelegraph, “We are working with Lympo to assist them on a recovery plan, but we don’t have any specific mechanisms.”
The second hot wallet hack this week
Centralized crypto exchange LCX also suffered from a security breach on one of its hot wallets, leading to the loss of nearly $7 million on Jan. 8. The hacker took eight stacks of crypto assets.
LCX was robbed of various amounts of MKR and ENJ, LINK. QNT. SAND. ETH. LCX. and USDC. The majority of the funds were converted to ETH then sent to Tornado Cash, a privacy tool designed to hide the source and destination of ETH.
The LCX team released an update on Jan. 10 assuring users that they would be compensated for the losses incurred and that no personal data was compromised during the attack. The team wrote:
“LCX will use our own funds to cover the incident and compensate affected users. There will be no impact on user balances at LCX.”