At least two defi protocols reported compromised domains in an apparent hacking campaign targeting crypto websites.
On Thursday, Celer Network and Compound Finance alerted the crypto community to an ongoing attack on their domain addresses. “We are investigating a potential DNS domain attack that seems to be hitting multiple projects at the same time,” the notice from Celer read.
🚨 URGENT: The Compound Labs website (compound[.]finance) has been compromised. Please do not visit the website or clink any links until further notice. An update will be provided when available. This is our final message // end of tweet. 🚨
— Compound Labs (@compoundfinance) July 11, 2024
A Domain Name System (DNS) involves stressing the stability of DNS service to gain control over a website and possibly redirect traffic to phishing hotspots.
Security experts said multiple decentralized finance protocols might be under siege by threat actors looking to steal funds. Some 11 platforms, including Pendle Finance, Polymarket, and THORChain, were named as potential targets. A partial list of websites at risk of being hacked may be found here.
You might also like: Crypto market falls ahead of the US CPI data release
According to Paradigm research samczsun, the hack likely originated from Google Doman accounts used by these protocols. Squarespace acquired Google Domains last year in a $180 million deal, and all websites associated with the company are currently under scrutiny.
multiple crypto projects have had their domains mysteriously hijacked from their @squarespace account. consider transferring your domain to one of these instead:– @Cloudflare– @awscloud Route53– @markmonitor– @CSCDBS
— samczsun (@samczsun) July 11, 2024
At press time, neither Celer Network nor Compound Finance disclosed that the threat had been mitigated. In the meantime, users are advised to avoid interacting with defi dapps until further notice. Additionally, no funds had been reported stolen due to the DNS attack.
The matter underscores the need for defensive vigilance as hackers seek to compromise Web3 solutions via their Web2 connections. Last September, automated market maker Balance suffered a front-end attack. Before that, a bug in a code compiler employed by Curve Finance allowed bad actors to siphon over $70 million in crypto and exploit several protocols.
Since then, white-hat security experts have assembled efforts to mitigate the growing threat in crypto and Web3. Initiatives like the first-responder Telegram bot SEAL 911 and security councils featuring industry leaders like Coinbase have emerged to combat the issue.
Read more: Crypto ISAC launched to bolster web3 security