Major crypto projects at risk as Squarespace domain breach unfolds

Share This Post

Malicious actors are targeting several crypto projects with domain names provided by Squarespace.

On July 11, Oxngmi, the pseudonymous developer of DeFiLlama, reported that over 100 crypto projects using Squarespace, including Polymarket, Hyperliquid, dYdX, and THORChain, are at risk of being hacked.

Blockchain security firm Blockaid confirmed this, stating that an attacker gained control of the DNS registry for Compound Finance and interoperability protocol Celer Network and subsequently redirected visitors to a page that would drain funds from their wallets.

The security firm said:

“From initial assessment, it appears that the attackers are operating by hijacking DNS records of projects hosted on SquareSpace…The attackers are using a drainer kit associated with the most recent iteration of the Inferno drainer group.”

Meanwhile, the security threats are ongoing as new projects like Unstoppable Domains and DeFi project Pendle have also reported domain name hacks. Pendle said its domain was secure as of press time.

Matthew Gould, the CEO of Web3 domain provider Unstoppable Domains, warned users not to click on any links. He added that the attackers are trying to create a fake website and spread phishing emails.

He said:

“If you were on Google domains and got migrated to Squarespace you are vulnerable and should let your engineeing team know to move immediately.”

It is unclear if any of these breaches resulted in financial losses for users of these platforms.

Squarespace has yet to respond to CryptoSlate’s request for comment as of press time.

What is the cause of the attack?

CoinGecko founder Bobby Ong revealed that a security breach originated from Squarespace’s domain registrar. He explained that Google’s sale of its domain business to Squarespace led to the removal of two-factor authentication (2FA) due to forced domain migration.

Ong said:

“Google sold their domain business to Squarespace a few months ago and the forced migration of domains to Squarespace removed 2FA causing all these domains to be vulnerable and several have been hijacked.”

DeFi project Pendle noted the significant scale of the attack, pointing out that security experts are still determining the exact mechanism behind these hijackings. It added that the migration from Google to Squarespace affected many domains.

Pendle said:

“ICANN’s domain transfer policies prevent us from transferring domains away from Squarespace for another ~20 days.”

Meanwhile, a security advisory from SEAL 911 — a team of white hat hackers including ZachXBT — Paradigm’s Samczsun, Consensys’ Taylor Mohanan (Tayvano), and Andrew Mohawk, suggested that Squarespace might have been compromised via a social engineering attack.

Solutions?

Security experts recommend that projects enhance their protection by enabling two-factor authentication (2FA) on Squarespace.

They also advise removing excess contributor accounts and reseller access. Additionally, they suggest reverting all changes to DNS records and removing unnecessary admins from accounts.

Experts further advise affected projects to consider switching to other providers such as Cloudflare, Amazon Web Services, MarkMonitor, and CSC DBS.

The post Major crypto projects at risk as Squarespace domain breach unfolds appeared first on CryptoSlate.

Read Entire Article
spot_img
- Advertisement -spot_img

Related Posts

Dogecoin Price Prediction 2025, 2026 – 2030: Will DOGE Price Hit $1?

The post Dogecoin Price Prediction 2025, 2026 – 2030: Will DOGE Price Hit $1 appeared first on Coinpedia Fintech News Story Highlights The price of Dogecoin today is Dogecoin price may reach a

Cardano Price Prediction 2025, 2026 – 2030: Will ADA Price Hit $2?

The post Cardano Price Prediction 2025, 2026 – 2030: Will ADA Price Hit $2 appeared first on Coinpedia Fintech News Story Highlights The live price of the Cardano token is ADA coin price could

Solana Price Prediction 2025, 2026 – 2030: SOL Price Targets $500 Next?

The post Solana Price Prediction 2025, 2026 – 2030: SOL Price Targets $500 Next appeared first on Coinpedia Fintech News Story Highlights Solana Price Today is Solana price could reach a

Crypto.com Expands UAE Footprint With License to Offer Derivatives

Cryptocom has received a limited license from Dubai’s Virtual Assets Regulatory Authority (VARA) to offer derivative products such as futures and perpetual swaps, marking a major step forward

Binance Coin Price Prediction 2025, 2026 – 2030: Will BNB Hit $1000?

The post Binance Coin Price Prediction 2025, 2026 – 2030: Will BNB Hit $1000 appeared first on Coinpedia Fintech News Story Highlights Binance Coin Price Today is The BNB price prediction

Vermont withdraws action against Coinbase, awaits SEC’s regulatory clarity

Vermont has officially withdrawn its legal action against Coinbase, which accused the crypto exchange of offering unregistered securities through its staking program In a court filing on March 13,