Blockchain security firm Blockaid has reported that a recent DNS hijacking attack has compromised the front ends of numerous DeFi protocols.
The assault specifically aimed at DNS records hosted on Squarespace, rerouting them to malevolent IP addresses. The attack had an impact on other DeFi protocols, such as Compound and Celer Network, by diverting users to websites that emptied their wallets.
Approximately 228 DeFi protocol front ends are still susceptible to security risks. The attack is attributed to the Inferno Drainer organization, which employs a wallet kit to illicitly appropriate cash. Blockaid is monitoring the locations of individuals involved and cooperating with the community to report websites that have been compromised.
Matthew Gould, the founder of Unstoppable Domains, proposed the implementation of verified onchain records for domains as an additional measure of security.
The proposal entails implementing a new functionality that mandates a signature from the user’s wallet for DNS updates. This measure aims to enhance security by making it more challenging for hackers to compromise both the registrar and the user individually.
