A security vulnerability affecting Squarespace domains has exposed numerous DeFi protocols to phishing attacks, prompting industry experts to issue warnings and advice to users.
On July 11, blockchain investigator ZachXBT alerted the community via Telegram about Compound Finance’s website being redirected to a phishing site due to this vulnerability. The DeFi protocol subsequently confirmed the breach of its website and urged users to avoid it while it works on providing updates on the issue.
However, the scope of the vulnerability extends beyond Compound Finance. DefiLlama developer 0xngmi identified over 100 vulnerable domains, including prominent platforms such as Polymarket, dYdX, and Pendle Finance.
CoinGecko founder Bobby Ong attributed the issue to a security lapse following Google’s sale of its domain business to Squarespace. The forced migration of domains resulted in the removal of two-factor authentication (2FA), creating a security gap.
In response to the threat, Ong advised users to refrain from crypto interactions for a few days until the vulnerability is resolved. Security researcher samczsun recommended that affected users consider transferring their domains to more secure providers like Cloudflare, Amazon Web Services Route 53, MarkMonitor, or CSC DBS.
Matthew Gould, founder and CEO of Web3 domain provider Unstoppable Domains (UD), proposed that such attacks could be prevented with Web3 domains. He explained that creating verified on-chain records for domains adds an extra layer of security, allowing browsers and other entities to verify authenticity. Gould also suggested configuring DNS records to update only with a verified on-chain signature, which would require hackers to compromise both the registrar and the user separately.
“If your UD account was compromised, or UD itself as a registrar was compromised, but not your wallet, the malicious user could not alter your domain in DNS,” Gould added.
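As an added illustration of the dual-control design Gould describes (example code, not anything from Unstoppable Domains or a real registrar), the hypothetical registrar below accepts a DNS change only if it carries a signature from the owner key the chain publishes for that domain, so a compromised registrar account alone cannot redirect a site. The domain name, keys and addresses are constructed samples, and the on-chain key lookup is stubbed as a dictionary.

```python
import json
from cryptography.exceptions import InvalidSignature
from cryptography.hazmat.primitives.asymmetric.ed25519 import (
    Ed25519PrivateKey, Ed25519PublicKey)


def canonical_update(domain: str, rtype: str, value: str, nonce: int) -> bytes:
    """Deterministic encoding of one DNS change; the nonce blocks replay."""
    return json.dumps({"domain": domain, "type": rtype, "value": value,
                       "nonce": nonce}, sort_keys=True).encode()


class Registrar:
    """Hypothetical registrar: a DNS change is applied only when signed by the
    owner key recorded on-chain for that domain (stubbed here as a dict)."""

    def __init__(self, onchain_owner_keys: dict[str, Ed25519PublicKey]):
        self.owner_keys = onchain_owner_keys          # what the chain says
        self.records: dict[str, tuple[str, str]] = {}
        self.last_nonce: dict[str, int] = {}

    def apply_update(self, domain, rtype, value, nonce, signature) -> bool:
        owner = self.owner_keys.get(domain)
        if owner is None or nonce <= self.last_nonce.get(domain, -1):
            return False                  # unknown domain or replayed nonce
        try:
            owner.verify(signature, canonical_update(domain, rtype, value, nonce))
        except InvalidSignature:
            return False                  # registrar access alone is not enough
        self.records[domain] = (rtype, value)
        self.last_nonce[domain] = nonce
        return True


def demo() -> tuple[bool, bool, bool]:
    owner = Ed25519PrivateKey.generate()      # the domain owner's wallet key
    attacker = Ed25519PrivateKey.generate()   # holds the registrar login only
    domain = "example-protocol.test"          # constructed sample domain
    reg = Registrar({domain: owner.public_key()})

    good = canonical_update(domain, "A", "192.0.2.10", 1)
    legit = reg.apply_update(domain, "A", "192.0.2.10", 1, owner.sign(good))

    # Attacker controls the registrar account but not the wallet: rejected.
    evil = canonical_update(domain, "A", "203.0.113.66", 2)
    hijack = reg.apply_update(domain, "A", "203.0.113.66", 2, attacker.sign(evil))

    # Replaying the owner's earlier valid signature: rejected by the nonce.
    replay = reg.apply_update(domain, "A", "192.0.2.10", 1, owner.sign(good))
    return legit, hijack, replay
```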
These developments come against a backdrop of increasing cyber threats affecting the cryptocurrency industry. According to reports, at least three Coinbase users were targeted by scammers posing as Coinbase staff in the past week, and one of the victims lost more than $1 million.
If you want to read more news articles like this, visit DeFi Planet and follow us on Twitter, LinkedIn, Facebook, Instagram, and CoinMarketCap Community.