Christopher Roark6 hours agodYdX v3 compromised in an apparent DNS attackAn attacker appears to have installed a token-draining program on the official domain for dYdX version 3.0.853 Total views2 Total sharesListen to article 0:00NewsOwn this piece of crypto historyCollect this article as NFTJoin us on social networksThe website for crypto exchange dYdX’s version 3.0 has been “compromised,” according to a July 23 social media post from the exchange’s team. However, the team stated that version 4.0 on Cosmos has not been compromised and is functioning normally. Users are being warned that they should not “visit the website [for v3] or click any links until further notice.”
The user interface for dYdX v3 is located at dydx.exchange. Source: dYdX
dYdX has confirmed that the app’s smart contracts have not been compromised. Only the user interface is affected, so funds currently deposited should not be at risk, and the site should not be used to attempt withdrawals.
Related:dYdX moves to Cosmos-based blockchain for v4 to optimize decentralization
Cointelegraph journalists attempted to connect to the compromised website with a test Ethereum account that held no balance. In response, the site produced an error stating, “Your wallet is not eligible. Something went wrong. Please try again with an active wallet.”dYdX hacked site error message. Source: dydx.exchange
A similar error message was shown in a fake Collab.land phishing scam that a victim reported to Cointelegraph in February. This earlier scam appeared to check the user’s wallet balance once it was connected to the site. If the wallet did not have a balance, the user was told to try again with an “active wallet.” If the user then connected with a wallet that held funds, they were presented with a signature request. If they signed this request, their account was drained.
The hacked version of the dYdX website appears to work in a similar way.
At the time of publication, the team has not provided further details as to how the attacker was able to gain control of the app’s domain name. But domain name service (DNS) hijacking attempts against Web3 protocols have become common recently. On July 11, both Compound Finance and Celer Network were targeted in a DNS attack, and the attacker successfully redirected Compound’s website to a malicious website that attempted to drain tokens.
This is a developing story, and further information will be added as it becomes available.
Magazine: Crypto-Sec: Evolve Bank suffers data breach, Turbo Toad enthusiast loses $3.6K# Phishing# Hackers# Hacks# DeFiAdd reaction