WEB3
by BSCN
July 12, 2024
The breach involved a domain registry attack targeting multiple decentralized finance (DeFi) applications.
A significant breach at Squarespace, a major SaaS provider, was reported by blockchain security platform Blockaid. The attack targeted multiple decentralized finance (DeFi) applications, compromising their domain name system (DNS) registries.
⚠️ Developing situation - Multiple DeFi front ends are at risk of hijacking, with a few incidents already taking place, with projects like @compoundfinance and @CelerNetwork getting hacked over the past 24 hours.
— Blockaid (@blockaid_) July 11, 2024
We will update this thread with details as we go. pic.twitter.com/iWQR0ByIgB
Among the affected projects are Compound Finance and Celer Network. This breach has put over 120 crypto projects at risk of exploitation.
The initial benign attack on July 6 escalated on July 11, when Blockaid detected a new frontend attack. The attacker took control of the DNS registry for Compound Finance and attempted to do the same for Celer Network.
✅Thanks to our 24/7 domain security monitoring, an attempted takeover of Celer domains was successfully intercepted. All DNS records have been recovered. Our ongoing investigation indicates that the attack vector likely involved third parties beyond our control.
— CelerNetwork (@CelerNetwork) July 11, 2024
👁️The Celer…
The front end of Compound Finance's website, compound[dot]finance, was compromised, though users' funds remained safe. However, the incident caused significant inconvenience and raised alarm in the crypto community.
Michael Lewellen, a security advisor at Compound DAO, urged users to avoid the $2 billion decentralized lending protocol’s website. Celer Network also issued a similar warning, which was later deleted.
Other DeFi protocols, including Pendle Finance, DYDX Exchange, and Mendi Finance, are also reportedly at risk. Additionally, Polymarket, a prediction marketplace powered by Squarespace, faces potential threats from the breach.
MetaMask, a popular Web3 wallet, announced efforts to warn users of potentially compromised apps associated with the attack. Users attempting to transact on any known compromised site will see a warning provided by Blockaid.
Blockaid's investigation indicates that the attacker targets domain names provided by Squarespace, putting any DeFi app using Squarespace domains at risk. The security firm suggested that attackers might be hijacking DNS records of projects hosted on Squarespace.
The possible exploit methods could include sophisticated pre-registration tactics, mass domain sign-ups, or DNS cache poisoning (DNS spoofing), where false data is injected into a DNS cache, redirecting users to malicious websites.
According to a Crypto Briefing report, a security researcher speculated that the attackers might have exploited a direct breach of Squarespace’s security, allowing them to manipulate DNS records from the source. This theory is based on the wide-ranging impact and suggests a systemic vulnerability.
Squarespace completed its acquisition of Google’s domain business on September 7, 2023, adding to the complexity of the situation. While the exact methods of the attack remain speculative, the combination of tactics or an undisclosed vulnerability in the domain management system is likely.
However, according to recent reports, the Compound Finance website is now secure.
✅ Update: Thanks to the tenacious efforts of so many in the community, the https://t.co/Dcq4ZkswRX website is once again secure. Please always remain vigilant in clicking links to avoid phishing scams.
— Compound Labs (@compoundfinance) July 12, 2024
Make sure to restart your browser to ensure visiting the proper website. If…
Hacks and exploits are not uncommon in the digital currency ecosystem. Recent incidents include the hack of Japanese firm DMM Bitcoin and the hijack of the X account of rapper 50 Cent. These events highlight the growing threat and the need for robust security measures in the crypto industry.
Disclaimer
Disclaimer: The views expressed in this article do not necessarily represent the views of BSCN. The information provided in this article is for educational and entertainment purposes only and should not be construed as investment advice, or advice of any kind. BSCN assumes no responsibility for any investment decisions made based on the information provided in this article. If you believe that the article should be amended, please reach out to the BSCN team by emailing [email protected].
Latest News
0h : 20m ago
US President Donald Trump Signs Landmark Crypto Executive Order: Key Takeaways
2h : 5m ago
Senator Cynthia Lummis Named Chair of Senate Banking Subcommittee on Digital Assets
3h : 50m ago
SEC Rescinds ‘Anti-Crypto’ SAB 121, Brings SAB 122
January 23, 2025
Coinbase Appeals to Court Over SEC Lawsuit in Battle for Crypto Clarity
January 23, 2025
Is Bitcoin a Threat to the U.S. Dollar? Goldman Sachs CEO Weighs In
January 23, 2025
Ethereum Maintains Fee Earnings Lead Despite Dencun Upgrade and Internal Strife
January 23, 2025
Bitwise Files for Dogecoin (DOGE) ETF Amid Growing Meme Coin Interest
January 22, 2025
Donald Trump Says He “Don’t Know Much About” $TRUMP Amid ETF Reports