Lido loses 1.4 ETH in a hacking attempt

TL;DR

• Ethereum’s largest liquid staking protocol, Liod, lost just 1.4 ETH in a hacking attempt.
• The security incident occurred after a key used by validator operator Chorus One was compromised.

Lido Averts a Hacking Attempt, Loses 1.4 ETH

Lido, Ethereum’s largest liquid staking protocol, averted a major security incident after one of its nine oracle keys was compromised.

According to the firm, the attack had a low-impact but serious breach involving validator operator Chorus One. Lido currently secures over 25% of all ETH staked on Ethereum, making it important to the Ethereum ecosystem

Per the report, the compromised key was tied to a hot wallet used for oracle reporting, with Lido losing just 1.46 ETH ($4,200) in gas fees. Chorus One posted on X that no user funds were affected, and no broader compromise was detected

Chorus One added that,

“Our preliminary findings indicate that this is an isolated incident with limited impact. The affected hot wallet dates back to 2021 and was specifically intended to maintain a low balance solely for operating the Lido Oracle. As such, it did not adhere to the same stringent security standards applied to other keys managed by Chorus One.”

Contributors detected the suspicious activity early Sunday after a low-balance alert triggered a closer look at the address. The report uncovered unauthorized access to an Oracle private key used by Chorus One that was originally created in 2021 and not secured to the same standards as newer keys

Following the hacking attempt, Lido launched an emergency DAO vote to rotate the compromised oracle key across three contracts: the Accounting Oracle, the Validators Exit Bus Oracle, and the CS Fee Oracle. The team added that the new key has been generated using better security controls to avoid similar mistakes

LDO, Lido’s native coin, is down 1.75% in the last 24 hours and now trades at $1.09.