DefiLlama Updated DNS Attack List; Squarespace Domains at Risk

Key Takeaways
  • DefiLlama identifies 128 protocols' websites at risk due to Squarespace domain vulnerabilities including Pendle Finance, dYdX, Thorchain, and Axelar.
  • Google's sale of its domain business to Squarespace led to the removal of two-factor authentication.
  • Security experts recommend switching to alternative domain providers like Cloudflare and AWS Route 53.
12-07-2024 By: Deep Upadhyay
DefiLlama Updated DN

DefiLlama's DNS Attack Alert: Protecting Squarespace Domains

On July 11, DeFiLlama developer 0xngmi identified that around 128 protocols' front-end websites, including Pendle Finance, dYdX, Thorchain, and Axelar, might be at risk. While Pendle's domain remains secure, caution is advised for all project websites utilizing Squarespace domain services.

Additionally, Celer Network is another significant name on the list. 0xngmi clarified that these sites are not currently compromised but are considered "at risk" due to their use of Squarespace, a widely used domain registrar.

The websites are experiencing a DNS domain attack affecting multiple projects simultaneously. This ongoing DNS attack targets the Squarespace domain registrar. It is recommended to avoid interacting with crypto-related activities for the next few days until the issue is resolved.

CoinGecko founder Bobby Ong took to X to explain the incident. According to him after Google sold its domain business to Squarespace in June 2023, two-factor authentication was removed due to the forced migration of domains.

CoinGecko founder Bobby Ong took to X

Source: X

DefiLlama's founder is actively updating the list of at-risk Squarespace domains to protect users from potential attacks.

Which Projects Are at Risk?

As per the latest update, the list now contains 103 domains, with new additions including lockon.finance, aloe.capital, starlay.finance, layer2.finance, ohmycrypt.com, xbank.finance, 88mph.app, ion.wtf, etc. Moreover, users of these domains are advised to remain vigilant.

These domains are flagged as potentially vulnerable because they use Squarespace. The founder of DefiLlama has been regularly updating this list to alert users about possible security risks. Inclusion on this list does not confirm that a domain has been compromised, but it suggests that it could be a target for attacks. 

Security researcher Samzsun advised those impacted by the recent Squarespace domain hijacking to consider switching to alternative providers. The white hat hacker suggested options such as Cloudflare, Amazon Web Services Route 53, MarkMonitor, and CSC DBS.

In the meantime, Matthew Gould, founder and CEO of Web3 domain provider Unstoppable Domains (UD), highlighted how Web3 domains could help prevent such attacks.

"Creating verified on-chain records for domains can add an extra layer of protection and help fight such attacks", Gould added.

Conclusion

The recent DNS attack on Squarespace domains has put around 128 protocols' front-end websites at risk, prompting caution for users of these services. While no domains have been compromised yet, the ongoing threat highlights the need for vigilance. Security experts recommend considering alternative domain providers and exploring Web3 domains for enhanced protection. DefiLlama continues to update the list of at-risk domains to keep users informed and secure. 

Also Read: FinTAX: TON Ecosystem's First Professional Tax Softwar

WHAT'S YOUR OPINION?
Related News
Related Blogs