Sports NFT Platform Lympo Hacked for $18M

  • The hacker got away with 165.2 million of the project’s LMT tokens, which fell in price by 92% after the accident.
  • Lympo’s team removed LMT from various liquidity pools shortly after the incident, and is currently working on a plan to remedy the situation.
hack

Shutterstock

Lympo, a sports-focused NFT platform and subsidiary of Animoca Brands, has suffered a hack that saw 165.2 million LMT tokens leave its hot wallets, the platform said in a blog post on 10 January.

According to the announcement, on Monday the hacker was able to gain access to 10 of Lympo’s operational wallets and steal 165.2 million LMT tokens, which at the time of the hack were worth approximately $18.5 million. Shortly after the hacker sold his stolen tokens, the price of LMT dropped by approximately 92%. and is now being traded for $0.018 a piece. The team behind the project tweeted on Monday:

Data from Etherscan shows that most of the stolen tokens were sent to a single address. The hacker then used DeFi platforms Uniswap and Sushiswap to exchange his LMT tokens for Ethereum (ETH), which was then sent to an unidentified wallet. In order to “minimize disruption to token prices”, Lympo temporarily removed LMT from various liquidity pools shortly after the incident.

The platform also assured its users that the incident is being investigated, and that the team was working hard to resume the normal operations of Lympo “as soon as possible”. A comprehensive plan on how to remedy the effects of the attack is also being prepared, and will be made available to the community once it has been completed.

This is the second hot wallet hack in the last week, with Liechtenstein-based crypto exchange LCX losing $7 million worth of tokens last Saturday. Similarly to the Lympo accident, the hacker converted most of the stolen tokens to ETH, and then sent them to privacy tool Tornado Cash. The team behind LCX has already stated that they will use their own funds to compensate the affected users.

Discussion
Related Coverage
Osmosis Suffers $5M Liquidity Pool Exploit
  • Osmosis’ bug allowed users to add liquidity to any of its liquidity pools, and immediately withdraw 150% of their initial investment.
  • The DEX noted that four individuals were responsible for 95% of the stolen funds, and that two have already volunteered to return $2 million.
June 9, 2022, 1:02 PM
exploit

Shutterstock

Ola Finance Suffers $3.6M Re-Entrancy Attack
  • The attack happened on the Fuse Network, one of the many blockchains Ola operates on, and took advantage of a vulnerability in one of Ola’s smart contracts.
  • The project has paused all activities on Fuse Network, and noted the attack has not affected its services on other blockchains, which remain operational.
The Sandbox Metaverse Launches Alpha Season 2
  • Alpha Season 2 of The Sandbox will provide players with 35 new metaverse experiences, including a sneak peek at Snoop Dogg’s “Snoopverse”.
  • Players can also complete over 200 quests to earn a chance of getting an Alpha Pass NFT, which rewards owners with up to 1,000 SAND tokens.