Major DeFi Protocols Hit by DNS Hack, Coingecko CEO Warns of Wider Risk
Celer Network and Compound Finance domains compromised, Squarespace DNS attack raises concerns for multiple DeFi projects.
A major DNS attack targeting the Squarespace domain registrar has shocked the cryptocurrency community, prompting warnings and preventive measures. The attack has already compromised the domains of Celer Network and Compound Finance, raising concerns about the security of numerous other crypto-related websites.
Coingecko co-founder Bobby Ong has advised users to refrain from interacting with crypto platforms for the next few days until the situation is resolved. "The best thing to do is to not interact with crypto and rest for the next couple of days until everything is resolved," Ong stated.
The vulnerability stems from Squarespace's acquisition of Google Domains registrations in June 2023. The forced migration of domains to Squarespace reportedly removed two-factor authentication (2FA) for many users, leaving these domains susceptible to hijacking.
0xngmi has compiled a list of notable domains that share the same registrar and could be at risk. These include:
- http://pendle.finance
- http://karak.network
- http://hyperliquid.xyz
- http://dydx.exchange
- http://thorchain.com
- http://axelar.network
- http://vertexprotocol.com
- http://hop.exchange
- http://polymarket.com
- http://yieldyak.com
While none of the domains on this list have been confirmed as hacked yet, the shared registrar with Celer Network and Compound Finance has raised alarms.
The situation underscores the importance of robust security measures in the crypto space, particularly concerning domain management and DNS protection. As the attack continues to unfold, users are urged to exercise caution and remain vigilant.
Disclaimer: This article is based on the information available as of July 11, 2024. The situation is ongoing, and updates will continue to emerge as the investigation progresses.