Layerswap, a platform acting as a link between centralized cryptocurrency exchanges and Layer 2 blockchains, recently experienced a domain hijack that resulted in the loss of roughly $100,000 in user funds. On March 20, the layerswap.io domain was compromised, redirecting users to a phishing website when attempting to access the service. Concurrently, hackers tried to reset Layerswap’s X account, effectively blocking access to the social media profile.
The slow response from domain registrar GoDaddy prolonged the hackers' control over the domain. It wasn't until approximately 11:07 PM UTC that LayerSwap regained access to its GoDaddy account and reversed the alterations made by the hacker. However, the company remains determined to ascertain the root cause of the breach, having sought an explanation from GoDaddy support, albeit without receiving a satisfactory response. They intend to share a detailed report with the community to enhance transparency.
Amid the domain hijack, an elaborate phishing scam orchestrated through Layerswap successfully siphoned approximately $100,000 in cryptocurrency assets from around 50 users. In response, the platform has pledged full refunds to those affected, accompanied by an additional 10% reward as compensation for the inconvenience endured.
Users are strongly advised to withdraw their token approval to mitigate further losses and claim any funds or assets lost during the incident. Layerswap has initiated the process of refunding affected users. In a similar vein, decentralized finance (DeFi) aggregator ParaSwap narrowly averted a significant loss of funds stemming from a vulnerability in its newly deployed Augustus v6 contract.
Despite ParaSwap's prompt actions to roll back the v6 contract and notify users about necessary precautions, the hacker still managed to cash out approximately $24,000 worth of funds across four different addresses. A total of 386 addresses were impacted by the vulnerability, prompting the protocol to urge users to report any potential fund losses that might have eluded detection during the initial investigation. As long as affected users have not rescinded their approval, they remain vulnerable, with ParaSwap recommending the use of security validation services like Revoke to verify their safety.

















