The hackers gained access to NFT platform Lympo’s operational hot wallet on Monday and managed to steal 165.2 Million LMT (worth $18.7 million).

NFT (aka non-fungible token) has become a major gamechanger on the blockchain but at the same time, it has become a lucrative target for cybercriminals. That is why NFT related scams have suddenly increased and reports on security vulnerabilities on NFT hosting platforms like OpenSea have also gained attention.

In one such recent Animoca Brands subsidiary and Sports nonfungible token (NFT) minting platform, Lympo, that mints for sports-related collectibles lost around $18.7 million after hackers targeted several of its hot wallets.

What Happened?

Lympo has become a target of a hot wallet security breach due to which the platform lost roughly 165.2 million LMT tokens, valued at around $18.7 million. Lympo’s team posted a short Medium update revealing that hackers gained access to the platform’s operational hot wallet on Monday and managed to steal 165.2 Million LMT. 

Hot wallet attack: Hackers steal $18.7m from Animoca's Lympo NTF platform
Tweet from Lympo addressing the issue.

Most of the stolen tokens were sent to a single address where the funds were swapped for Ether on SushiSwap or Uniswap before being sent to other addresses. The attackers hacked ten different project wallets.

Lympo claims that attackers during the attack the threat actors connected to its internet-facing crypto wallet and used it to send/receive cryptocurrency.

“In response to this attack, Lympo enacted safeguards to ensure that no additional LMT could be stolen by the hackers. We are temporarily removing LMT from various liquidity pools in order to minimize disruption to token prices following the hack,” the company’s blog post read.

LMT Price Dropped After the Incident

Reportedly, around 92% of LMT value dropped as the news of the hack broke. CoinMarktCap reports that by 10 a.m. on Monday, LMT’s value was around $0.115, and twelve hours later, the token’s value dropped to $0.007724.

The team tweeted on 11 Jan that they were trying to stabilize the platform and resume operations, adding that LMT was removed from liquidity pools to prevent further disruption of the token’s price. This is a remedial measure since after suspending the liquidity pool of the token, larger order volumes by traders aren’t fulfilled immediately, and traders also don’t face any losses.

Animoca to Help Lympo Recover

Lympo’s parent company Animoca, a Hong Kong-based game venture capital company, stated that it is ready to support its subsidiary to deal with the challenges caused by the hacking. Animoca’s CEO, Yat Siu, released a statement that read:

 “We are working with Lympo to assist them on a recovery plan, but we don’t have any specific mechanisms.”

More from Hackread.com:

  1. Scammers Netted $7.7 Billion worth of Cryptocurrency in 2021
  2. Ascendex cryptocurrency exchange hacked – $77 million stolen
  3. N Korean hackers stole $1.7 billion from cryptocurrency exchanges
  4. 170 fraudulent Android apps scamming cryptocurrency enthusiasts
  5. Remote access tools abused to spread malware and steal cryptocurrency

Posted by Charlie