Celer Network warns of potential DNS hijacking attack targeting multiple crypto websites
Quick Take Celer Network has warned about a possible DNS domain hijacking attack affecting several projects. Users are advised not to access Celer.network and cbridge.celer.network. This came after a Compound Finance contributor reported signs of a separate hijacking attempt on its official website. Data from who.is shows that these websites are registered via domain registrar Squarespace.
Celer Network has issued a warning regarding a possible DNS domain hijacking attack that could impact several projects. The interoperability project recommended that users refrain from accessing its front-end websites, Celer.network and cbridge.celer.network.
This cautionary measure comes after a contributor to Compound Finance noted signs of hijacking on its own website (compound.finance), leading to a temporary advisory against visiting it. Data from who.is shows that these websites are registered via domain registrar Squarespace.
“Multiple crypto projects have had their domains mysteriously hijacked from their Squarespace account,” security analyst samczsun noted . He suggested projects transferr affected domains to other hosting platforms such as Cloudflare and AWS.
Squarespace is the domain registrar in this case. It’s a popular website builder and hosting platform that allows users to create and maintain websites. Websites can be prone to being taken over by nefarious actors via centralized systems that help manage domain names for websites.
DeFiLlama co-founder 0xngmi noted that several notable domains are at risk, including those belonging to Pendle, Karak, Hyperliquid, Thorchain and others.
The domain name system is a widely used protocol that websites rely on. However, attackers can exploit issues in DNS to attempt nefarious activities, such as redirecting the official website to a malicious one.
This was not the first DNS-based attack for Celer, as it faced a similar incident in 2022. Other projects such as Curve and Balancer have also been impacted over the last few years.
During DNS attacks, hackers try to lure users into engaging with compromised smart contracts, which can result in the loss of crypto assets. So far, in today’s incidents, no loss of funds has been reported.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Are Memecoins Facing a Crisis of Trust and Accountability?
Indonesia’s crypto transactions rises with 350% increase
Chinese Giant Boyaa Converts $49M Ethereum to Bitcoin Holdings
Putin signs bill recognizing Bitcoin as property in Russia
However, mining facility operators must report client details to tax authorities or face fines of 40,000 rubles ($371).