In the wake of a domain attack involving Squarespace, numerous DeFi protocols have released post-mortem reports and updates to inform their communities about the incident’s impact and their subsequent actions.
The breach, which exploited vulnerabilities in the domain hosting service recently acquired by Squarespace from Google Domains, has prompted a swift and coordinated response from affected projects to secure their platforms and reassure users.
Domain Attack Break: DeFi Protocols Release Updates
Thanks to our 24/7 domain security monitoring, an attempted takeover of Celer domains was successfully intercepted. All DNS records have been recovered. Our ongoing investigation indicates that the attack vector likely involved third parties beyond our control.
The Celer…
— CelerNetwork (@CelerNetwork) July 11, 2024
On Thursday, Celer Network announced that its 24/7 domain security monitoring successfully intercepted an attempted takeover of its domains.
According to Celer, all DNS records have been recovered, and the attack vector likely involved third parties beyond its control. The team continues to monitor the situation and will provide updates as more information becomes available.
The yield protocol Pendle Finance also detailed its experience in a comprehensive post-mortem report. The attack on Pendle’s domains occurred as part of the broader exploitation of Squarespace’s vulnerabilities.
After learning about the issue, Pendle’s team initiated a series of countermeasures. Real-time bots were set up to alert on any DNS changes, and when a malicious record was detected, the team swiftly shut down the app and regained control of the domain within 40 minutes.
Post Mortem
For context – Squarespace purchased all domain registrations and related customer accounts from Google Domains in June 2023, which forced the migration of domains.
Recently, attackers exploited a vulnerability in Squarespace, hijacking domains hosted on their… https://t.co/0lgcvzss2r
— Pendle (@pendle_fi) July 12, 2024
Throughout the incident, Pendle maintained constant communication with security professionals, ensuring their protocol and funds remained unaffected.
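The DNS-change alerting described above can be sketched as a comparison of observed records against a pinned baseline. This is an added example, not Pendle's tooling; the domain names, record values, severity mapping and take-offline policy are constructed assumptions.

```python
# Added example: DNS drift detection against a pinned baseline.
# Hostnames, addresses and the severity policy are constructed for illustration.

# Assumed policy: an NS change means the zone itself has moved to another host.
SEVERITY = {"NS": "critical", "A": "high", "AAAA": "high",
            "CNAME": "high", "MX": "high", "TXT": "medium"}
NAME_TYPES = {"NS", "CNAME", "MX"}  # values are hostnames: case-insensitive


def normalize(records):
    """Canonicalize values so cosmetic differences do not raise alerts."""
    out = {}
    for rtype, values in records.items():
        rtype = rtype.upper()
        if rtype in NAME_TYPES:
            out[rtype] = {v.strip().lower().rstrip(".") for v in values}
        else:
            out[rtype] = {v.strip() for v in values}
    return out


def diff_records(baseline, observed):
    """Return one alert per record value added to or removed from the baseline."""
    base, seen = normalize(baseline), normalize(observed)
    alerts = []
    for rtype in sorted(set(base) | set(seen)):
        expected, actual = base.get(rtype, set()), seen.get(rtype, set())
        changes = [("added", v) for v in sorted(actual - expected)]
        changes += [("removed", v) for v in sorted(expected - actual)]
        for change, value in changes:
            alerts.append({"type": rtype, "change": change, "value": value,
                           "severity": SEVERITY.get(rtype, "low")})
    return alerts


def should_take_app_offline(alerts):
    """Assumed response policy: any critical or high alert pauses the front end."""
    return any(a["severity"] in ("critical", "high") for a in alerts)


# Constructed snapshots: the NS set differs only in case and trailing dot,
# while the A record now points somewhere the baseline does not list.
BASELINE = {"NS": ["ns1.dns-host.example.", "ns2.dns-host.example."],
            "A": ["192.0.2.10"], "TXT": ["v=spf1 -all"]}
OBSERVED = {"NS": ["NS1.dns-host.example", "ns2.dns-host.example"],
            "A": ["198.51.100.77"], "TXT": ["v=spf1 -all"]}

if __name__ == "__main__":
    found = diff_records(BASELINE, OBSERVED)
    for a in found:
        print(f'[{a["severity"]}] {a["type"]} {a["change"]}: {a["value"]}')
    print("take app offline:", should_take_app_offline(found))
```

In practice the observed snapshot would come from querying several independent resolvers on a schedule, so that a single poisoned or stale answer does not trigger or hide an alert.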
Karak, another DeFi protocol, reported no exposure to the Squarespace vulnerability. The team has collaborated with top security researchers and other projects to bolster security measures and ensure that funds remain safe.
Similarly, DyDx has not detected any vulnerabilities or security issues, and the team continues to monitor the situation, promising updates if any suspicious activity is observed.
While aware of the potential issue, Nostra Finance also reported no signs of hijack attempts on its website or app. It is in the process of transferring its domain to another provider to mitigate any future risks. Users are advised to check Argent and Braavos’s warnings and remain vigilant.
Axelar network developer teams have also addressed recent reports concerning the domain-related attack. According to Axelar, no issues have been identified with any Axelar websites. The protocol assured its community that their websites would remain unaffected.
Axelar network developer teams are aware of reports of domain-related issues that affected some blockchain projects. At this time, no issue has been identified with any Axelar website. Teams are continuing to monitor the situation closely.
— Axelar Network Status (@Axl_Status) July 11, 2024
Notably, Unstoppable Domains also suffered from the attack. Users were advised to avoid opening emails from @unstoppabledomains.com or using the website until further notice.
Community and Partners take note! https://t.co/NRTKqQHYtu has been subject to an attack. Do NOT open emails from @unstoppabledomains.com or use the website until further notice. @squarespace @SquarespaceHelp pic.twitter.com/eynrlcadbR
— unstoppable.crypto (@unstoppableweb) July 12, 2024
Fortunately, Unstoppable has been able to regain access to its Squarespace account, mitigating the attack. The project said, “We are taking extreme caution to analyze services before restoring website functionality. Onchain domains were not impacted by the Squarespace hack, and continue to function as expected.”
“Avoid Interacting With Crypto Until It’s Resolved,” Experts Warned
PSA – A DNS attack is going on right now affecting Squarespace domain registrar. Best thing to do is to not interact with crypto and rest for the next couple of days until everything is resolved.
Google sold their domain business to Squarespace a few months ago and the forced…
— Bobby Ong (@bobbyong) July 11, 2024
CoinGecko founder Bobby Ong highlighted that Google’s sale of its domain business to Squarespace led to the removal of two-factor authentication (2FA) during the forced migration of domains, creating vulnerabilities.
This has resulted in phishing attacks on decentralized finance (DeFi) platforms, with Compound Finance being the first victim.
Ong advised the community to avoid interacting with crypto until the issue is resolved.
“Best thing to do is to not interact with crypto and rest for the next couple of days until everything is resolved,” Ong said.
Matthew Gould, CEO of Unstoppable Domains (UD), suggested that Web3 domains could prevent such attacks by creating verified on-chain records for domains, adding an extra layer of protection.
Gould proposed that DNS records should not update without a verified on-chain signature, ensuring that even if a registrar or user account is compromised, the domain cannot be altered unless the user’s wallet is compromised.
In the broader scope of digital asset security, Coinbase has also been named an additional custodian for VanEck’s Bitcoin Trust. This arrangement involves holding Bitcoin primarily in cold storage to protect against cyber threats.
These developments highlight the industry’s ongoing efforts to bolster security amid a massive attack on crypto. According to a recent report, over $688 million was lost across 184 on-chain security incidents in Q2 alone.
The post DeFi Protocols Release Post-Mortem and Updates Following Recent Domain Attack appeared first on Cryptonews.