Bitget App
Trade smarter
Buy cryptoMarketsTradeFuturesCopyBotsEarn
100+ DeFi Projects Risk DNS Attack: Are You Affected?

100+ DeFi Projects Risk DNS Attack: Are You Affected?

DailyCoinDailyCoin2024/07/13 11:22
By:DailyCoin
  • A popularly used domain registrar has been compromised.
  • Several DeFi frontends are at risk in the potentially wide-scale exploit.
  • Analysts have weighed in on what users can do to stay safe.

As value accrues to the crypto space, so does interest from bad actors looking to make a score. In the latest instance, these scammers have compromised a widely used domain registrar, putting over 100 DeFi frontends and billions of dollars in customer funds at risk.

Sponsored

Here’s what you need to know about the large-scale Domain Name System exploit that has put the entire crypto industry on high alert.

Squarespace Compromised

Over the past 24 hours, several crypto security researchers have warned of a wide-scale DNS attack that could threaten several DeFi frontends.

multiple crypto projects have had their domains mysteriously hijacked from their @squarespace account. consider transferring your domain to one of these instead:
– @Cloudflare
– @awscloud Route53
– @markmonitor
– @CSCDBS

— samczsun (@samczsun) July 11, 2024

A DNS Attack targets the DNS service, which is responsible for translating domain names into IP addresses. It usually targets the website to make it unavailable, redirect users to fraudulent websites, or steal sensitive data like login details. In the recent attack on DeFi frontends, these scammers appear to be redirecting users to fraudulent websites linked to the wallet drainer kit created by the crypto hacking group Inferno Drainer.

The exploit appears to be the result of a Squarespace compromise. CoinGecko co-founder Bobby Ong explained that the websites at risk had lost their 2FA after being forced to migrate to Squarespace two months ago when Google sold its domain name business.

Who is at Risk?

In a Thursday, July 12 X post, Defi Llama founder “0xngmi” shared a “partial list” of at-risk domains due to their connection to Squarespace. The list outlined 127 projects, including Pendle Finance, Compound Finance, dYdX, Thorchain, and Polymarket.

compiled a (partial) list of domains connected to square space that would be at risk of being hacked rn, i'd avoid them for now https://t.co/Cih5YTgFL9

— 0xngmi (@0xngmi) July 11, 2024

So far, Compound Finance and Pendle Finance have reported that their frontends have been compromised, warning users to avoid the websites for now.

What Should You Do?

As CoinGecko’s Bobby Ong has highlighted, users are better off staying away from DeFi frontends until the issue is resolved. If you must use a DeFi frontend service, confirm the website’s status with the provider.

On the Flipside 

  • Squarespace has yet to state the recent exploit.
  • As highlighted by Blockaid, MetaMask, and Coinbase Wallet are blocking these malicious IPs and keeping users safe.

Why This Matters 

The recent Squarespace compromise puts over 100 crypto projects and billions of dollars in user funds at risk. As such, it is necessary to understand the situation and know the right actions to take to stay safe.

Read this for more crypto scams:
$573M Lost to Crypto Scams and Hacks in Q2: Immunefi

See how popular crypto mixer Railgun foiled an Inferno Drainer money laundering attempt:
Vitalik-Backed Railgun “Outsmarting Scammers,” Inferno Drainer Foiled

0

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.
APR up to 10%. Always on, always get airdrop.
Lock now!