CertiK Identifies Cause of DNS Hijacking in DeFi


Cyber adversaries have pilfered millions of digital assets through DNS hijacking attacks aimed at phishing, targeting users’ wallet seed phrases, or crafting misleading webpages that closely mimic legitimate sites.

The Domain Name System (DNS) is a pivotal piece of the internet's infrastructure, and attacks on it have been behind a series of Web2 security incidents that directly impacted the sector. Nevertheless, the shift to decentralized frontends has emerged as a viable way to address these issues, as noted in a recent report by CertiK.

DNS Hijacking of DeFi Protocols

DNS hijacking is an attack on a fundamental element of Internet infrastructure. In some cases it renders a public DNS service unreachable; in others it is used to redirect users to harmful websites.

In general, the attacker alters the DNS by replacing the mapping (DomainName, Legitimate IP) with (DomainName, MaliciousServer IP). This manipulation allows them to intercept subsequent users’ DNS queries, guiding them to fraudulent websites without the users’ knowledge, as explained by CertiK.

Users unknowingly visit these deceptive sites through the compromised servers, putting themselves at risk of phishing attacks and the installation of malware that can jeopardize their devices.
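The record swap CertiK describes, (DomainName, Legitimate IP) to (DomainName, MaliciousServer IP), is detectable from the outside: a project can keep a baseline of the addresses its frontend should resolve to and compare fresh resolver answers against it. The following monitor is an added illustration, not CertiK's code or any project's tooling. The domains, IP addresses and resolver answers are constructed sample data in reserved example ranges, not real records.

```python
"""Detect a changed A-record mapping for a DeFi frontend domain.

Added example (not CertiK's code): keep a known-good baseline of
domain -> expected IPs and compare answers gathered from several
resolvers against it. All domains, IPs and answers below are constructed.
"""
from ipaddress import ip_address

# Known-good baseline, recorded when the frontend was deployed (constructed).
BASELINE = {
    "app.example-dex.invalid": {"203.0.113.10", "203.0.113.11"},
    "rpc.example-gateway.invalid": {"198.51.100.5"},
}

# Answers observed from several public resolvers in one poll (constructed).
# A hijack usually shows up as an answer outside the baseline, often from
# only some resolvers at first, while caches holding the old record expire.
OBSERVED = {
    "app.example-dex.invalid": {
        "resolver-a": {"203.0.113.10", "203.0.113.11"},
        "resolver-b": {"192.0.2.66"},  # not in the baseline
    },
    "rpc.example-gateway.invalid": {
        "resolver-a": {"198.51.100.5"},
        "resolver-b": {"198.51.100.5"},
    },
}


def check_domain(domain, answers, baseline):
    """Return a list of findings for one domain.

    answers:  {resolver_name: set of IP strings returned by that resolver}
    baseline: set of IP strings the domain is expected to resolve to
    """
    findings = []
    for resolver, ips in answers.items():
        for ip in ips:
            ip_address(ip)  # fail early on malformed answer data
        unexpected = ips - baseline
        if unexpected:
            findings.append({
                "domain": domain,
                "resolver": resolver,
                "unexpected": sorted(unexpected),
                "severity": "high",
            })
    # Resolvers disagreeing with each other is a signal on its own, even
    # when every individual answer looks plausible: it is what a partial
    # record change looks like while caches roll over.
    distinct = {frozenset(ips) for ips in answers.values()}
    if len(distinct) > 1:
        findings.append({
            "domain": domain,
            "resolver": None,
            "unexpected": [],
            "severity": "medium",
            "note": "resolvers disagree",
        })
    return findings


def audit(observed, baseline):
    """Run check_domain over every observed domain; unknown domains are
    reported rather than silently skipped."""
    findings = []
    for domain, answers in observed.items():
        if domain not in baseline:
            findings.append({
                "domain": domain,
                "resolver": None,
                "unexpected": [],
                "severity": "medium",
                "note": "no baseline for domain",
            })
            continue
        findings.extend(check_domain(domain, answers, baseline[domain]))
    return findings


if __name__ == "__main__":
    for finding in audit(OBSERVED, BASELINE):
        print(finding)
```

In production the OBSERVED structure would be filled by querying several independent resolvers (and, separately, the domain's authoritative name servers and its NS and registrar records, which are what an attacker with stolen registrar credentials actually changes). A single high-severity finding is worth an immediate page: a frontend domain pointing at an address the team never deployed is the first visible symptom of every incident listed above.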

CreamFinance and PancakeSwap reported incidents of DNS hijacking in 2021, while two public RPC gateways provided by Ankr for Polygon and Fantom wallets were breached via a DNS hijacking attack the following year. During the same timeframe, Cronos-based DEX MM.Finance, Curve Finance, Celer Protocol, Fantom-based SpiritSwap, and Polygon-based QuickSwap also experienced frontend breaches due to a DNS hijacking attack.

These occurrences underscored the considerable impact of vulnerabilities in Web2 on the Web3 ecosystem, highlighting the interconnected security of these two domains.

CertiK noted that the ongoing issue of DNS credential theft and the vulnerabilities stemming from third-party domain service providers present a significant challenge for Web3 projects. The core Web3 protocols themselves were not fundamentally flawed; instead, it was the conventional centralized domain infrastructure that rendered them vulnerable to these problems.

Solution

CertiK stressed the importance of adopting a combination of IPFS and ENS, which illustrates the potential of decentralized and DLT-based solutions in mitigating DNS hijacking attacks. These systems emphasize content authenticity, reduce points of failure, and significantly diminish the vulnerabilities linked to centralized control and authority.
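The property CertiK is relying on is that a content-addressed identifier is itself a hash of the bytes it names, so a gateway that serves a swapped bundle cannot satisfy the identifier an ENS name points at. The script below is an added illustration of that check, not CertiK's code and not a real IPFS or ENS client: the content identifier is a plain SHA-256 hex digest (a simplification; real IPFS CIDs are multihash-encoded), the ENS record lookup is a constructed in-memory dictionary, and the gateway responses are constructed byte strings.

```python
"""Verify a frontend bundle against its content address before trusting it.

Added example (not CertiK's code, not a real IPFS/ENS client). Assumptions:
the content identifier is a bare SHA-256 hex digest, the ENS lookup is a
dict, and gateway responses are constructed inline.
"""
import hashlib


def content_id(data: bytes) -> str:
    """Simplified content address: the hash of the bytes themselves."""
    return hashlib.sha256(data).hexdigest()


# Constructed: the bundle the team published and the record set under
# their ENS name at deploy time.
GOOD_BUNDLE = b"<html><script src='app.js'></script></html>"
ENS_RECORDS = {"example-dex.eth": content_id(GOOD_BUNDLE)}

# Constructed: a bundle with one script reference swapped, the kind of
# change a compromised gateway or mirror would serve.
TAMPERED_BUNDLE = GOOD_BUNDLE.replace(b"app.js", b"other.js")


def resolve_and_verify(name, gateway_responses, records=ENS_RECORDS):
    """Return (bundle, cid, rejected_gateways).

    gateway_responses: {gateway_name: bytes that gateway returned}
    The first gateway whose bytes hash to the recorded content address
    wins; every gateway tried before it is listed in rejected_gateways.
    Raises ValueError if no gateway returned matching content.
    """
    expected = records[name]  # KeyError if the name has no record
    rejected = []
    for gateway, data in gateway_responses.items():
        if content_id(data) == expected:
            return data, expected, rejected
        rejected.append(gateway)
    raise ValueError(f"no gateway returned content matching {expected}")


if __name__ == "__main__":
    bundle, cid, rejected = resolve_and_verify(
        "example-dex.eth",
        {"gateway-a": TAMPERED_BUNDLE, "gateway-b": GOOD_BUNDLE},
    )
    print("accepted bundle from a gateway after rejecting:", rejected)
    print("content id:", cid)
```

Contrast this with the DNS case from the previous section: a domain name says nothing about the bytes a server returns, so once the record is swapped every response is accepted as-is. Here the verification failure on gateway-a is loud and the client simply moves on. The residual risk moves to whoever can change the ENS record, which is why CertiK pairs the technical shift with continued hardening of the human side (key custody for the name's controlling account) rather than presenting it as a complete fix.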

“The transition towards decentralized infrastructure, along with the ongoing enhancement of both human and technological defenses, has become crucial for the future security of Web3 projects and their users.”
