Kelp DAO Security Incident Analysis: The attacker impersonated the Kelp team and persuaded GoDaddy's customer support to bypass the 2-FA verification.
ChainCatcher news, Kelp DAO reviews the previous security incident: On July 22 at 22:30, Kelp's dApp began displaying malicious wallet activity transactions, attempting to steal user funds. The Kelp team immediately responded, locking the domain server, restoring all access rights, and resolving the issue. The attacker, by impersonating the Kelp team, successfully convinced GoDaddy's customer support to bypass the 2-FA. The Kelp team is taking preventive measures, including moving to another domain registrar and strengthening alerts for abnormal UI behavior. A few users reported losing funds due to the UI attack, and the Kelp team is providing support.