DeFi apps on Squarespace are vulnerable to a DNS hijacking attack that redirects users to malicious sites. Over 120 DeFi protocols are potentially vulnerable, including Compound and Celer Network. Learn more about the DeFi security risk and how to protect yourself.
(adsbygoogle = window.adsbygoogle || []).push({}); DeFi (Decentralized Finance) has emerged as a revolutionary force in the financial world.
By leveraging blockchain technology, DeFi applications aim to empower users with more control over their finances with no interference from intermediaries. However, a recent security breach has exposed a vulnerability in DeFi apps hosted on Squarespace, a popular website-building platform. The attack involved hackers hijacking the Domain Name System ( DNS ) records of DeFi applications.
DNS acts as the phonebook of the internet, translating human-readable domain names into numerical IP addresses that computers can understand. This domain registry attack, which occurred on July 11, 2024, potentially affected around 128 DeFi protocols. Oxngmi, a developer at the blockchain analytics platform DefiLlama shared a list of what they marked as a “List of domains that are registered with Squarespace and thus could be vulnerable.
” (adsbygoogle = window.adsbygoogle || []).push({}); According to Blockchain security platform Blockaid’s investigation the attacker took control of the DNS registry for Compound Finance and attempted to control Celer Network’s registry.
By compromising .
