On Friday, the first of July, blockchain networks Polygon and Fantom were subjected to a DNS attack. There is no information about the stolen funds yet.
So, the main actors of the event: Polygon and Fantom — blockchain networks, Ankr — Web3 infrastructure and cross-chain staking DeFi platform. Ankr is a provider of public RPC gateways for Polygon and Fantom. These gateways provide the connection of crypto wallets and web browsers with Ethereum validator nodes.
On the first of July, Polygon and Fantom were subjected to a DNS attack. This type of attack is used by hackers to trick users by redirecting them to a scam website instead of the company’s official website. In this case, fake websites were created to steal keys from users’ digital wallets.
Mudit Gupta, CISO Polygon, tweeted about the attack.
The developers quickly dealt with the problem, and a secure access to Polygon and Fantom was restored in the evening of the same day. A post with this news appeared on Ankr Twitter.
Ankr co-founder Chandler Song commented on the situation in an interview with The Defiant. According to him, the attack occurred due to the vulnerability of DNS provider of Ankr — Gandi.
“The attacker basically social-engineered the customer service [at Gandi] and pretended to be an Ankr employee.” — Chandler Song, Ankr co-founder.
As for user funds, the co-founder of Polygon Sandeep reassured that “ALL USER FUNDS ARE SAFE.”
Mudit Gupta, in turn, added that Ankr and Polygon are working “to ensure this does not happen again.”
Recently, a similar attack occurred on OpenSea.
Fortunately, no one was damaged by this attack. But, the vulnerability of the human factor, which has revealed itself in this situation, is worrying. We hope that no one will suffer from such attacks in the future, and we continue to observe.