DNS Attack affects Polygon and Fantom

Fantom and Polygon's main RPC compromised and they urged users to use alternate RPC service providers like Infura and more.

DNS Attack affects Polygon and Fantom


DNS Attack

Mudit Gupta, Polygon’s Chief Information Security Officer, announced on Friday, that Ankr, the supplier of the Node infrastructure for its network, was subject to a DNS attack.

The attackers were able to take control of two platforms RPC (a kind of software communication tool used to send data between networks), Polygon and Fantom. The hackers could be attempting to ingeniously fool consumers into divulging their wallet seed phrase.

Ankr acknowledged that it was addressing the concerns identified by the community while recommending that they use different RPCs in place of the compromised ones. Chandler Song, co-founder of Ankr, replied to Mudit Gupta on twitter:

“Actually this is caused by @gandibar changing their customers' email addresses without their approval.”

Ankr has tweeted a statement where they've shared all the required details related to this issue.

In addition to assuring consumers that their funds were secure, Polygon co-founder Sandeep Nailwal also suggested them to use alternative RPC service providers like Infura and others.

Ankr stated that all services have been fully restored and are operating as expected as of now. This happened because a third company they use for DNS managed to alter some account details.

Phishing Attacks on users

A message urging users to instantly move their funds to another platform with the address polygonapp[.]net was sent to users of the compromised RPC. They are then sent to a completely different website that requests their seed phrase. Malicious actors always come up with innovative strategies and tactics on how to deceive trusting people. Recently, six people were charged by the U.S. Department of Justice for their involvement in different crypto crimes.

Crypto Projects affected by similar attacks

On June 24, a similar DNS assault took place, and other DeFi initiatives were taken over. Projects including Convex Finance, Ribbon Finance, Allbridge, and DeFisaver were among those that were impacted. The affected projects were all using Namecheap as their domain registrar. All of the affected projects used Namecheap to register their domains.

Crema Finance tweeted on Sunday to report that a hacking attempt had occurred on their protocol and that they had temporarily discontinued the service and started an investigation.

Other Reads


Disclaimer: The information contained on this web page is for education purposes only. Readers are suggested to conduct their own research, review, analyze and verify the content before relying on them.

To publish press releases, project updates, and guest posts with us, please email at contact@etherworld.co.

Subscribe to EtherWorld YouTube channel for ELI5 content.

Share if you like the content. Support us at Gitcoin

You've something to share with the blockchain community, join us on Discord!

Follow us at Twitter, Facebook, LinkedIn, and Instagram

Share Tweet Send
You've successfully subscribed to EtherWorld.co
Great! Next, complete checkout for full access to EtherWorld.co
Welcome back! You've successfully signed in
Success! Your account is fully activated, you now have access to all content.