How a sports NFT minting platform suffered a hot wallet security breach across several project wallets, losing $18 million USD

A recent report notes that Lympo, a platform for minting sports-related non-fungible tokens (NFT), has suffered a security breach in the hot wallets of various projects, which would have generated losses of more than $18 million USD in LMT tokens.

Through a brief update, the subsidiary project of Animoca Brands mentions that hackers managed to gain access to Lympo’s operational hot wallet, stealing more than 160 million tokens.

Lympo mentions that wallets from at least 10 projects were also affected, with compromised tokens being sent to a single online address and exchanged for Ether on exchange platforms Uniswap and SushiSwap in a bid to remove the attacker’s trail. Due to this incident, the price of NMT tokens plummeted, reaching the all-time low of $0.0093 USD.

The next day, Lympo’s security team stated that work was underway to stabilize the situation, in addition to regular activities resuming in the coming days. The team also stated that it had removed LMT liquidity from liquidity funds to minimize disruption to token prices. Removing liquidity from groups that trade LMT means that traders will not be able to buy or sell a significant amount of tokens without suffering drastic losses.

In recent days, exchange platform LCX also suffered a security breach in one of its hot wallets, resulting in the loss of nearly $7 million over the weekend. In this attack, hackers took control of eight different cryptocurrencies, including Maker (MKR), Enjin (ENJ), Chainlink (LINK), Quant (QNT), The Sandbox (SAND), ETH, LCX, and USD Coin (USDC).

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.