Ether.fi Thwarts Domain Takeover Attempt, User Funds Remain Safe
Тhis incident highlights growing security concerns in DeFi, with recent attacks on Ethena and Banana Gun.
Ether.fi, a liquid restaking protocol, narrowly avoided a security scare after attackers attempted to hijack its domain name through its registrar, Gandi.net.
According to a detailed post by Ether.fi , the incident unfolded on Sept. 24 when the team received an email notification from Gandi indicating a domain recovery request. This triggered the protocol’s existing security measures, including verifying email sender authentication (SPF, DKIM, and DMARC), which ultimately alerted them to a potential attack.
Ether.fi contacted Gandi across multiple platforms, leading to a successful lockdown of their domain account by 7:30 PM UTC. This prevented further tampering and ensured the integrity of their nameserver configuration.
“We are in contact with our domain provider and the domain is locked down. Please continue to avoid our site until we have verified everything is working as expected,” Ether.fi said on its social media.
The company’s X post emphasizes that no internal breach has been detected, and user funds remain safe.
On September 24, https://t.co/gbHcksxzp2 experienced a security incident involving our domain registrar, https://t.co/hW50MConP9
We’re glad to report that all funds are safe, and the attackers at no point presented a compromised dapp on any https://t.co/gbHcksxzp2 related…
— ether.fi (@ether_fi) September 25, 2024
Proactive Approach and Collaboration
Ether.fi credits its proactive approach – including requiring hardware authentication for key platforms – for mitigating the attack and also highlights the importance of domain registrar security practices. “Gandi’s monitoring systems and process, while aggressive, locked down the domain account and prevented any access to our systems, and kept our websites, apps and emails safe from the attempted attack.”
While the full picture remains under investigation, Ether.fi promises further details in collaboration with Gandi within the next two days.
DeFi Under Attack: Recent Security Incidents Raise Concerns
The Ether.fi domain takeover attempt is just one example of the growing number of security incidents affecting the decentralized finance (DeFi) ecosystem. In recent weeks, several other DeFi projects have fallen victim to attacks, highlighting the ongoing challenges in safeguarding user funds and data.
An example is the Ethena website exploit that occurred in September. Ethena Labs, the company behind the synthetic dollar protocol, warned users to avoid interacting with any site or application claiming to be Ethena. According to its X post from Sept. 18, the site’s domain registrar account was compromised, resulting in the temporary shutdown of the site. Despite the exploit, Ethena Labs assured users that the underlying protocol and their funds remained unaffected.
The Ethena domain registrar account was recently compromised and we have taken steps to deactivate the site until further notice.
The protocol is unaffected and funds are safe.
Please do not interact with any site or application purporting to be the Ethena frontend.
— Ethena Labs (@ethena_labs) September 18, 2024
Another high-profile incident involved the Telegram -based cryptocurrency trading bot Banana Gun. This bot allows users to trade on popular blockchains like Ethereum , Solana , and Base. However, on Sept. 19, attackers exploited vulnerabilities in the bot’s code to drain nearly $2 million worth of digital assets from unsuspecting users. Security firm Cyvers identified at least 11 attackers responsible for these thefts.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
SWELL在Hyperliquid平台的拍卖中以42万美元的价格成交
昨日ARKB净流出1.12亿美元,BITB净流出3600万美元
Volatility Shares申请推出基于Solana期货的杠杆型ETF
上周以太坊NFT交易额升至1.86亿美元,为近3个月来最高水平