A DNS hijack compromised Ankr’s services for Fantom and Polygon but the Web3 company cannot determine whether the users fell victim to the attack no users’ funds were compromised so let’s have a closer look at our latest cryptocurrency news.
The Web3 infrastrcuture company Ankr is known for offering node endpoints as well as staking services to PoS blockchains. The hacker forfeited a scam-like pop-up on Polygon and Fantom network via a DNS hijack to steal the users’ seen phases so the project soon recovered the human-made errors saying that no funds were lost because of the incident.
Public RPC gateway provided by Ankr for Polygon (https://t.co/NEQW6sEUKe) and Fantom (https://t.co/apZkmh2ERA) were comprised via DNS hijack earlier today.
Polygon and Fantom foundation have no control over services provided by others.
Use Alchemy or others while this is fixed.
— Mudit Gupta (@Mudit__Gupta) July 1, 2022
Soon after the security research “CIA Officer” exposed the attack and the Polygon CTO Mudit Gupta announced on Twitter and urged users to use alternative services while things are getting fixed. In the meantime, he identified the leading player as responsible for the incident of infrastructure failure. A few hours after the hackers compromised the gateways to Fantom and Polygon and Anrk released a new statement assuring users that the attack was neutralized. Also, the core services were unaffected and two free-to-use public remote procedures call interfaces for Polygon and Fantom on the external site were breached.
The exploit started with a trick that targeted Anrk’s centralized entity when the attacker deceived third-party DNS providers into giving the hacker access to Fantom and Polygon domains. Anrk’s web service provider Gandi was tricked by the hacker’s fake identity agreeing to change the metal addresses for the account in the registrar. The users had accessed the blockchain through Anrk’s endpoints will receive a phishing phase that asked them to reset their seed on PolygonApp and the hackers can steal the funds by having affected users’ seed phases.
2/ Important to know that
➡None of Ankr's paid or enterprise services were affected by the attack
➡️All core RPC services at https://t.co/Q8fL5Y3bS2 were completely unaffected
➡️Only two free-to-use public RPCs for Fantom and Polygon on an external site were compromised— Ankr (@ankr) July 1, 2022
The full explanation behind the exploit remains uknown as Ankr tries to understand what Gandi accepted with the change and revealed that the compromise could have to do with the domains as a centralized point of failure. It Is no longer uncommon that a third-party error leads to the platform being compromised. The biggest NFT market, OpenSea reported a data breach citing an employee of Customer.io with a third-party platform hired by the company as responsible for the mistake. Due to the lack of data the customers received suspicious emails, phone calls, and scammer messages while Opensea warned the customers to remain vigilant.
Due to the leak of data about its customers who thus received suspicious emails, phone calls, and messages from scammers, OpenSea warned its customers to remain vigilant and sent out emails that include anti-phishing practices.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post