Fun

Crypto execs on DeFi domain hacks: Don’t interact with crypto for now

News Feed - 2024-07-12 05:07:20

Ezra Reguerra46 minutes agoCrypto execs on DeFi domain hacks: Don’t interact with crypto for nowCoinGecko founder Bobby Ong explained that after Google sold its domain business to Squarespace, two-factor authentication was removed due to the forced migration of domains.312 Total views5 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksAs the vulnerability on Squarespace domains threatens the decentralized finance (DeFi) space with phishing attacks, Web3 professionals shared their advice on what users and those affected can do to avoid the attacks. 


On July 11, security investigator ZachXBT shared a Telegram post warning the community to stay away from the Compound Finance website, which redirected to a phishing site. The DeFi protocol was the first to be hijacked because of the vulnerability.


Following this, the Celer Network announced that it had also been attacked but successfully thwarted the attempt.


Meanwhile, DefiLlama developer “0xngmi” shared a list of domains vulnerable to the same attack vector. The list had over 100 protocols, including Polymarket, dYdX and Pendle Finance.Don’t interact with crypto for the next few days


CoinGecko founder Bobby Ong said the attack stemmed from Squarespace’s domain registrar. The executive explained that after Google sold its domain business to Squarespace, two-factor authentication (2FA) was removed due to the forced migration of domains.


This made the domains vulnerable. According to Ong, the community should wait until the issue is fixed before interacting with crypto again. “Best thing to do is to not interact with crypto and rest for the next couple of days until everything is resolved,” Ong added.


Related:CoinStats exploiter moves almost $1M to Tornado CashConsider transferring to other domain providers


Security researcher Samzsun said those affected by the recent domain hijacking on Squarespace might need to consider transferring to other providers. The white hat hacker recommended Cloudflare, Amazon Web Services Route 53, MarkMonitor and CSC DBS.


Meanwhile, Matthew Gould, the founder and CEO of Web3 domain provider Unstoppable Domains (UD), took the opportunity to explain how this type of attack may be avoided with Web3 domains. Gould explained:“By creating verified onchain records for domains we can offer an extra layer of protection browsers and others can check to help fight these types of attacks.”


The executive added that users could even configure their DNS records to not update unless they provide a verified onchain signature.


The executive also floated the idea of disallowing records updates without signatures from wallets. This would require hackers to attack the registrar and the user separately.


“So if your UD account was compromised, or UD itself as a registrar was compromised, but not your wallet, the malicious user could not alter your domain in DNS," Gould added.


Magazine:Lazarus Group’s favorite exploit revealed — Crypto hacks analysis# Blockchain# Security# Hackers# Cybersecurity# Hacks# DeFiAdd reaction

News Feed

Talks of Issuing a New FTT Token Fuel Coin’s Price Despite FTT’s Broken Tokenomics Scheme
Talks of Issuing a New FTT Token Fuel Coin’s Price Despite FTT"s Broken Tokenomics Scheme Roughly 29 days ago FTX filed for bankruptcy, and the crypto ecosystem has been dealing
Crypto Exchange Owner Sentenced to 10 Years in Prison for Multimillion-Dollar Scheme to Defraud Americans
Crypto Exchange Owner Sentenced to 10 Years in Prison for Multimillion-Dollar Scheme to Defraud Americans The U.S. has sentenced a cryptocurrency exchange owner
Bank of America, Coinbase, FTX Invest in Paxos Series D Funding Round
Bank of America, Coinbase, FTX Invest in Paxos Series D Funding Round Paxos, a blockchain services and tokenization firm has added Coinbase Ventures, FTX, Bank o
Argentinian Exchange Ripio Presents Crypto Educational Textbook and Web3 Metaverse Wallet
Argentinian Exchange Ripio Presents Crypto Educational Textbook and Web3 Metaverse Wallet Ripio, an Argentina-based cryptocurrency exchange, announced the launch of two products, a
Argentinian Cryptocurrency Exchange Buenbit Announces Staff Layoffs
Argentinian Cryptocurrency Exchange Buenbit Announces Staff Layoffs Buenbit, an Argentinian cryptocurrency exchange, has announced a series of layoffs due to the downturn that trad
Jesse Coghlan5 hours ago‘Scammers’ pose as Crypto Twitter users on Threads as sign-ups near 100MThreads are already seeing potential crypto scammers arrive on the platform, with Crypto Twitter users warning of impers
Dfinity announces new ICP-powered platform to tackle cybersecurity
Josh O"Sullivan11 hours agoDfinity announces new ICP-powered platform to tackle cybersecurityThe Dfinity Foundation’s new platform, Utopia, promises enhanced security and sovereignty for government and enterprise cloud
Lawyer of Alleged Crypto Launderer Vinnik Calls on Russia to Talk Prisoner Swap With US
Lawyer of Alleged Crypto Launderer Vinnik Calls on Russia to Talk Prisoner Swap With US A lawyer representing Russian IT specialist Alexander Vinnik has urged the government in Mos
Spot Ether ETFs ‘unlikely to be dramatic’ but would get steady capital — Binance CEO
Ezra Reguerra46 minutes agoSpot Ether ETFs ‘unlikely to be dramatic’ but would get steady capital — Binance CEOBinance CEO Richard Teng highlighted that the spot Ether ETFs could provide a stable and substantial in
Vermont Rapper Releases Hip Hop Track ‘#Freeross,’ Ulbricht Petition Nears 300K Signatures
Vermont Rapper Releases Hip Hop Track "#Freeross," Ulbricht Petition Nears 300K Signatures Southern Vermont-based hip-hop artist, Krypto Man, has released a new single called &ld
Deutsche Bank Predicts Major US Recession Next Year
Deutsche Bank Predicts Major US Recession Next Year Deutsche Bank’s economists have warned that the U.S. will suffer a major recession next year. However, several other majo
Jesse Coghlan7 hours agoHester Peirce: US crypto laws can’t assume ‘everything is a financial asset’Securities and Exchange Commissioner Hester Peirce discussed a possible United States crypto legal framework, givi