This incident is part of a broader wave of DNS hijacking attacks targeting DeFi platforms that use Squarespace for domain management.
Decentralized finance (DeFi) platform dYdX promptly restored its version 3.0 website following a DNS hijacking incident on July 23.
The team successfully regained control of the site and urged users to clear their browser cache and restart their browsers before accessing the website to ensure they avoid the compromised version.
Details of the Attack and dYdX’s Response
The attack involved taking over the dYdX v3 domain and creating a counterfeit website designed to drain their assets. When users connected their wallets to this fake site, they were tricked into approving transactions that allowed the attackers to access their assets. This incident is part of a broader wave of DNS hijacking attacks targeting DeFi platforms that use Squarespace for domain management.
The dYdX team promptly addressed the issue, restoring the v3 website within three hours. They advised users to clear their browser cache and restart their browsers to ensure they access the genuine site and avoid any security risks.
https://t.co/Ym1dFLLOwx website has been recovered by dYdX Trading Inc. 🙏
Please note that your machine may still be caching the compromised site.
Make sure to clear your cache and restart your browser before connecting to the website.
— dYdX (@dYdX) July 23, 2024
In a subsequent update, the team assured users that the dYdX Chain, dydx.trade, and the v3 Protocol remained unaffected and secure. They acknowledged that certain wallet extensions, including MetaMask and Phantom, might still show warnings when accessing the site but confirmed that these issues would be resolved shortly. The team has urged its users to remain vigilant and cautious to avoid further security risks.
This development comes at a crucial time as dYdX navigates both operational challenges and potential ownership changes. In the midst of these security challenges, reports have surfaced indicating that dYdX v3 is up for sale. Notably, major market maker Wintermute has shown interest in acquiring the platform.
Connection to Broader Crypto Security Issues
This security incident at dYdX follows a major attack on WazirX, an Indian cryptocurrency exchange, where more than $230 million was stolen in one of 2024’s largest hacks. In the first half of 2024, cryptocurrency thefts surged dramatically, more than doubling from the previous year.
According to TRM Labs, hackers had stolen over $1.38 billion worth of crypto by June 24, compared to $657 million in the same period in 2023. This increase in theft is driven by a combination of significant attacks and rising crypto values.
The median theft amount this year was one-and-a-half times greater than in 2023, reflecting both the higher value of cryptocurrencies and greater motivation among cyber criminals. While the fundamental security of the crypto ecosystem hasn’t changed significantly, the increased value of major tokens like Bitcoin, Ethereum, and Solana has made these assets more attractive targets.
The surge in stolen cryptocurrency values suggests that hackers are not only stealing more but may also increasingly target major exchanges as their primary focus.
next