100+ DeFi Projects Risk DNS Attack: Are You Affected?
- A popularly used domain registrar has been compromised.
- Several DeFi frontends are at risk in the potentially wide-scale exploit.
- Analysts have weighed in on what users can do to stay safe.
As value accrues to the crypto space, so does interest from bad actors looking to make a score. In the latest instance, these scammers have compromised a widely used domain registrar, putting over 100 DeFi frontends and billions of dollars in customer funds at risk.
Sponsored
Here’s what you need to know about the large-scale Domain Name System exploit that has put the entire crypto industry on high alert.
Squarespace Compromised
Over the past 24 hours, several crypto security researchers have warned of a wide-scale DNS attack that could threaten several DeFi frontends.
A DNS Attack targets the DNS service, which is responsible for translating domain names into IP addresses. It usually targets the website to make it unavailable, redirect users to fraudulent websites, or steal sensitive data like login details. In the recent attack on DeFi frontends, these scammers appear to be redirecting users to fraudulent websites linked to the wallet drainer kit created by the crypto hacking group Inferno Drainer.
The exploit appears to be the result of a Squarespace compromise. CoinGecko co-founder Bobby Ong explained that the websites at risk had lost their 2FA after being forced to migrate to Squarespace two months ago when Google sold its domain name business.
Who is at Risk?
In a Thursday, July 12 X post, Defi Llama founder “0xngmi” shared a “partial list” of at-risk domains due to their connection to Squarespace. The list outlined 127 projects, including Pendle Finance, Compound Finance, dYdX, Thorchain, and Polymarket.
So far, Compound Finance and Pendle Finance have reported that their frontends have been compromised, warning users to avoid the websites for now.
What Should You Do?
As CoinGecko’s Bobby Ong has highlighted, users are better off staying away from DeFi frontends until the issue is resolved. If you must use a DeFi frontend service, confirm the website’s status with the provider.
On the Flipside
- Squarespace has yet to state the recent exploit.
- As highlighted by Blockaid, MetaMask, and Coinbase Wallet are blocking these malicious IPs and keeping users safe.
Why This Matters
The recent Squarespace compromise puts over 100 crypto projects and billions of dollars in user funds at risk. As such, it is necessary to understand the situation and know the right actions to take to stay safe.
Read this for more crypto scams:
$573M Lost to Crypto Scams and Hacks in Q2: Immunefi
See how popular crypto mixer Railgun foiled an Inferno Drainer money laundering attempt:
Vitalik-Backed Railgun “Outsmarting Scammers,” Inferno Drainer Foiled
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Ethereum hits $3.2K, surpassing Bank of America market cap
ETH breaks through $3,200