The Incident Unfolds
On a seemingly mundane September 19, the crypto world was jolted by a breach involving Balancer, an automated market maker built on the Ethereum network. The team quickly attributed the attack to a cunning social engineering scheme targeting their domain name service provider, EuroDNS. In a bold move, hackers pocketed around $238,000 by exploiting the website’s front end with a series of clever ruses.
Who’s Behind the Curtain?
After digging through the digital ruins, investigators from blockchain security firms SlowMist and CertiK linked the attack to the notorious Angel Drainer phishing group. According to SlowMist, the hackers executed a Border Gateway Protocol (BGP) hijacking, a technique for gaining unauthorized control of IP addresses by corrupting the internet’s routing tables—talk about a wild tech trick!
How Did They Do It?
Once in control of the front end, the hackers ensnared unwitting users, coaxing them into approving transactions that used the “transferFrom” function and sent their funds straight to the Balancer exploiter’s account. It’s like a magician’s trick, but instead of pulling rabbits from hats, they were pulling crypto from wallets.
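As an added illustration (not code from Balancer, SlowMist or CertiK), the check below decodes the calldata a front end asks a wallet to sign and blocks ERC-20 calls that move tokens or grant allowance to an address outside a user-maintained allowlist. It goes beyond the “transferFrom” case described above to cover approve, increaseAllowance and transfer; the allowlist, the verdict names and every address are assumptions constructed for the example.

```javascript
// Added example: pre-signing check on ERC-20 calldata requested by a web front end.
// Standard 4-byte ERC-20 selectors; `party` is the index of the argument that
// receives the funds or the allowance, `argc` the expected number of arguments.
const SELECTORS = {
  "0x095ea7b3": { name: "approve", party: 0, argc: 2 },           // (spender, amount)
  "0x39509351": { name: "increaseAllowance", party: 0, argc: 2 }, // (spender, added)
  "0xa9059cbb": { name: "transfer", party: 0, argc: 2 },          // (to, amount)
  "0x23b872dd": { name: "transferFrom", party: 1, argc: 3 },      // (from, to, amount)
};
const MAX_UINT256 = (1n << 256n) - 1n;

// `trusted` is a hypothetical allowlist: a Set of lowercase 0x-prefixed addresses.
function inspectCalldata(data, trusted) {
  const hex = String(data).toLowerCase();
  // Calldata is a 4-byte selector followed by whole 32-byte ABI words.
  if (!/^0x[0-9a-f]{8}([0-9a-f]{64})*$/.test(hex))
    return { verdict: "block", reason: "malformed calldata" };
  const sel = SELECTORS[hex.slice(0, 10)];
  if (!sel) return { verdict: "review", reason: "not a known token-moving selector" };
  const args = hex.slice(10).match(/.{64}/g) || [];
  if (args.length !== sel.argc)
    return { verdict: "block", reason: "unexpected argument count" };
  // An ABI address occupies the low 20 bytes; the high 12 bytes must be zero.
  const word = args[sel.party];
  if (!word.startsWith("0".repeat(24)))
    return { verdict: "block", reason: "non-canonical address word" };
  const counterparty = "0x" + word.slice(24);
  const amount = BigInt("0x" + args[sel.argc - 1]);
  const known = trusted.has(counterparty);
  return {
    verdict: known ? "allow" : "block",
    call: sel.name,
    counterparty,
    amount,
    unlimited: amount === MAX_UINT256, // "infinite approval" pattern
    reason: known ? "counterparty on allowlist" : "funds or allowance go to an unlisted address",
  };
}

// Constructed sample (not taken from the incident): transferFrom(user, unlisted, 1000).
const pad = (h) => h.replace(/^0x/, "").padStart(64, "0");
const USER = "0x" + "aa".repeat(20);
const ROUTER = "0x" + "11".repeat(20);   // stands in for a contract the user trusts
const UNLISTED = "0x" + "22".repeat(20); // stands in for an unknown recipient
const sample = "0x23b872dd" + pad(USER) + pad(UNLISTED) + pad("0x3e8");
console.log(inspectCalldata(sample, new Set([ROUTER])));
```

A check like this runs in the wallet or a signing proxy, independent of the web page, so it still holds when the page itself has been replaced.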
Balancer’s Response
Facing the chaos head-on, Balancer’s fearless DAO quickly sprang into action. Just eight hours post-incident, the organization confirmed they were on the case, taking steps to regain control of their domain and restore the functionality of their user interface.
The Comeback
By 5:45 PM UTC on September 20, Balancer declared victory, stating the domain was secured and safe for users once again. However, despite the announcement, a warning still stalked the digital realm—a “Deceptive site ahead” alert popped up for users attempting to access the site, leaving everyone scratching their heads in confusion.
Lessons Learned
In the aftermath, Balancer hinted at the possibility of dropping the .fi top-level domain altogether, a move also suggested for other organizations currently using that domain. It’s a reminder that even in the world of high-tech finance, old-school vigilance against social engineering tactics can’t be overlooked.
Final Takes & Precautionary Measures
- Stay alert: Phishing schemes like those employed by the Angel Drainer group are constantly evolving.
- Ensure you’re using secure registrars and practices, especially when dealing with valuable digital assets.
- Monitor updates from trusted sources to keep abreast of security issues.