After the attack on DNS records hosted on the Squarespace web hosting, the interfaces of approximately 228 DeFi projects remain at risk. This was announced to Decrypt by Blockaid CEO Ido Ben-Nathan.
On July 11, the incident affected Compound Finance and Celer Network, whose websites began redirecting users to phishing pages. The expert noted that intercepting DNS requests from protocols allowed attackers to use IP addresses associated with the Inferno dryer.
The use of a known malicious solution is indicated by the common on- and off-chain infrastructure, including smart contracts and wallets, Ben-Nathan believes.
Inferno Drainer tools allow cybercriminals to steal user funds, automatically emptying their accounts after signing malicious transactions.
The group has been trying to exploit DeFi protocol vulnerabilities for some time, the Blockaid co-founder stressed. However, using a single infrastructure helps to track and identify their attacks, he added.
Commenting on the Squarespace incident, Matthew Gould, founder of Unstoppable Domains, noted that additional protection of DNS records can be provided by their verification on the blockchain. You can set up an update only through confirmation in the chain, for example, using a wallet signature, he explained.
Registrars are custodians of your domains. If they are compromised, like SquareSpace today, your website traffic can be routed without your permission to somewhere else.
By creating verified onchain records for domains we can offer an extra layer of protection browsers and… https://t.co/Zgya33A4HC
Recall that in 2023, the crypto industry lost $1.8 billion as a result of hacker attacks and fraud. The amount has more than halved over the year, but the number of incidents has increased by 90%, Immunefi noted.
https://forklog.com/exclusive/fishing-v-web3-kak-zashhitit-sebya-i-svoi-aktivy