The Sport Non-fungible Token (NFT) Minting Platform and Subsidiary of Animoca Brands, Lympo suffered a vulnerability in its hot wallet and lost 165.2 million LMT tokens worth $ 18.7 million at the time of the hack.
A quick update on Medium from the Lympo team stated that on Monday, Hackers gained access to Lympo’s operational hot wallet and “stole a total of approximately 165.2 million LMT from it”.
According to the publication, 10 different project wallets were compromised in the attack. It appears that most of the stolen tokens were sent to a single address, exchanged for Ether (ETH) on Uniswap and SushiSwap, and then shipped to another location.
LMT price plunged 92% to $ 0.0093 after the hackers transferred the loot from the project’s hot wallets and then sold it.
A subsequent tweet from the team stated that he “We are working to stabilize the situation and get all operations back to normal.” The team also stated that had drawn LMT liquidity from liquidity pools to “minimize disruptions in token prices”.
#Lympo offers an update to the $ LMT Token slippage and hacking that occurred on Jan 10 at around 12:32 p.m. UTC. We are working to stabilize the situation and get all operations back to normal. Https://t.co/i07w5zoOwW@animocabrands
– Lympo.io – crypto community (@Lympo_io) January 10, 2022
The deliquidity of pools using LMT means that traders cannot buy or sell significant amounts of the tokens without suffering a dramatic loss in value.
On the previous Tuesday, the team asked traders to refrain from buying or selling LMT tokens. as he completed his investigation and determined the next action to be taken.
As a subsidiary of Animoca Brands, Lympo could benefit from the intervention of the Animoca team. The CEO of Animoca, Yat Siu, said Cointelegraph: “We’re working with Lympo to help them with a recovery plan, but we don’t have a specific mechanism.”
The second hot wallet hack this week
The centralized cryptocurrency exchange LCX also suffered a vulnerability in one of its hot wallets that resulted in a loss of nearly $ 7 million on Saturday. This time, the hacker confiscated significant amounts of eight different crypto assets.
LCX lost various amounts to Maker (MKR), Enjin (ENJ), Chainlink (LINK), Quant (QNT), The Sandbox (SAND), ETH, LCX and USD Coin (USDC). Most of the funds have been converted into ETH and then sent to Tornado Cash, a privacy protection tool designed to hide the origin and destination of ETH transactions.
The LCX team released an update on Monday assuring users that they will be compensated for losses suffered and that no personal information was compromised during the attack. The team wrote:
“LCX will use our own funds to cover the incident and compensate affected users. There will be no impact on user balances at LCX.”