Squarespace DNS hack exposes hundreds of DeFi projects to drain attacks
The decentralized finance (DeFi) ecosystem was rocked today by a massive Domain Name System (DNS) hack that targeted multiple DeFi applications. The attack, attributed to a vulnerability in Squarespace’s domain registry, compromised multiple DeFi platforms, including Compound Finance and Pendle Finance.
⚠️ Developing situation – Several DeFi front-ends are at risk of being hacked, with a few incidents having already occurred, with projects like @compoundfinance and @CelerNetwork hacked in the last 24 hours.
We will update this thread with details as they become available.
— Blockaid (@blockaid_) July 11, 2024
Security researchers at Blockaid were the first to identify the attack when the Compound Finance website began redirecting users to a malicious site equipped with a draining application designed to steal users’ funds.
Celer Network was also a victim of the attack but managed to prevent a successful takeover thanks to its robust domain monitoring system.
✅Thanks to our 24/7 domain security monitoring, an attempt to take over Celer domains was successfully intercepted. All DNS records have been retrieved. Our ongoing investigation indicates that the attack vector likely involved third parties beyond our control.
👁️Celery…
— CelerNetwork (@CelerNetwork) July 11, 2024
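The kind of check a domain-monitoring job can run, as an added example that is not from the article or from Celer Network: it compares an observed DNS snapshot with a pinned baseline and ranks the drift by record type. The record values, the severity ranking and the function names are assumptions made for the illustration, and the snapshots are embedded rather than resolved live.

```python
# Added example: compare an observed DNS snapshot with a pinned baseline.
# All domains, name servers and addresses are constructed (RFC 2606 / RFC 5737).
SEVERITY = {"NS": "critical", "A": "high", "AAAA": "high", "CNAME": "high",
            "MX": "medium", "TXT": "low"}
RANK = {"critical": 0, "high": 1, "medium": 2, "low": 3}
HOSTNAME_TYPES = {"NS", "CNAME", "MX"}  # host-name values compare case-insensitively


def clean(rtype, value):
    """Strip whitespace; for host-name records also drop the trailing dot and case."""
    value = value.strip()
    return value.rstrip(".").lower() if rtype in HOSTNAME_TYPES else value


def normalize(records):
    """Map record type -> frozenset of values so answer ordering never alerts."""
    return {rtype.upper(): frozenset(clean(rtype.upper(), v) for v in values)
            for rtype, values in records.items()}


def diff_records(baseline, observed):
    """Return one finding per record type that drifted, most severe first."""
    base, seen = normalize(baseline), normalize(observed)
    findings = []
    for rtype in set(base) | set(seen):
        expected, actual = base.get(rtype, frozenset()), seen.get(rtype, frozenset())
        if expected != actual:
            findings.append({"type": rtype, "severity": SEVERITY.get(rtype, "low"),
                             "added": sorted(actual - expected),
                             "removed": sorted(expected - actual)})
    return sorted(findings, key=lambda f: (RANK[f["severity"]], f["type"]))


def needs_page(findings):
    """Delegation (NS) or front-end address changes warrant an immediate page."""
    return any(f["severity"] in ("critical", "high") for f in findings)


BASELINE = {"NS": ["ns1.dns-host.example.", "ns2.dns-host.example."],
            "A": ["192.0.2.10"], "TXT": ["v=spf1 -all"]}
OBSERVED = {"NS": ["NS1.other-host.example", "ns2.other-host.example"],
            "A": ["203.0.113.66"], "TXT": ["v=spf1 -all"]}

if __name__ == "__main__":
    drift = diff_records(BASELINE, OBSERVED)
    for finding in drift:
        print(finding)
    print("page on-call:", needs_page(drift))
```

In a real deployment the observed snapshot would come from queries to several independent resolvers, with the baseline stored somewhere the registrar account cannot modify.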
The scale of the attack is staggering, with Blockaid estimating that hundreds of DeFi projects using Squarespace domains are at risk. A list compiled by DefiLlama developer 0xngmi includes over 100 potentially affected domains from platforms such as dYdX, Polymarket, LooksRare, Aptos, Near, Litecoin, and more.
Observers have warned that other names could be affected. Google sold its domain business to Squarespace several months ago and the forced migration of domains removed 2FA, leaving all of those domains vulnerable.
To protect users, MetaMask has implemented an alert system that notifies users who attempt to interact with compromised sites. The wallet provider is actively working to identify and report affected platforms.
As the investigation into the Squarespace DNS hack continues, DeFi users are advised to exercise extreme caution when interacting with any platform until the situation is fully resolved.