U.S. markets open in 8 hours 11 minutes
  • S&P Futures

    4,276.50
    -10.00 (-0.23%)
     
  • Dow Futures

    33,929.00
    -52.00 (-0.15%)
     
  • Nasdaq Futures

    13,486.25
    -37.00 (-0.27%)
     
  • Russell 2000 Futures

    1,993.60
    -8.10 (-0.40%)
     
  • Crude Oil

    90.14
    -0.36 (-0.40%)
     
  • Gold

    1,766.40
    -4.80 (-0.27%)
     
  • Silver

    19.25
    -0.22 (-1.13%)
     
  • EUR/USD

    1.0081
    -0.0011 (-0.11%)
     
  • 10-Yr Bond

    2.8800
    0.0000 (0.00%)
     
  • Vix

    19.56
    -0.34 (-1.71%)
     
  • GBP/USD

    1.1913
    -0.0020 (-0.17%)
     
  • USD/JPY

    136.2720
    +0.4100 (+0.30%)
     
  • BTC-USD

    22,816.62
    -616.82 (-2.63%)
     
  • CMC Crypto 200

    542.53
    -15.20 (-2.72%)
     
  • FTSE 100

    7,541.85
    +26.10 (+0.35%)
     
  • Nikkei 225

    28,930.82
    -11.32 (-0.04%)
     

Polygon and Fantom Services Restored After Phishing Attack

  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.
·2 min read
In this article:
  • Oops!
    Something went wrong.
    Please try again later.
  • Oops!
    Something went wrong.
    Please try again later.

Blockchain networks Polygon and Fantom suffered a DNS attack Friday that directed users to malicious websites created to steal the keys to their digital wallets.

Safe access to the crypto platforms’ websites was restored shortly before noon Friday, according to the co-founder of Ankr, an infrastructure firm. Ankr provides Polygon and Fantom with public RPC gateways, computer programs that allow crypto wallets and web browsers to communicate with Ethereum validator nodes.

The attack began with a breach at Ankr’s DNS provider, Gandi, according to Ankr co-founder Chandler Song.

“The attacker basically social-engineered the customer service [at Gandi] and pretended to be an Ankr employee,” Song explained in an interview with The Defiant, and “had the entire corporate email address changed on Gandi.”

Ankr Nodes Affected

The attack affected a pair of nodes that Ankr offers the Polygon and Fantom communities at no cost, “simply out of goodwill to the developer community and the users,” Song said. The attacker was then able to send users an error message directing them to a website where they were instructed to connect their crypto wallets.

“It’s obviously a phishing scam,” Song said. “Hopefully not a single person clicked on those websites, but so far I’ve not heard of anyone clicking on those websites.”

Polygon co-founder Sandeep Nailwal took to Twitter to assure users the Polygon blockchain was running without issues, and to direct them to alternative RPC providers, such as Infura and Alchemy.

Gandi Security Practices

Song slammed Gandi’s security practices, saying it was too easy for the attacker to successfully impersonate an Ankr employee. He added that Ankr had already ditched Gandi as it DNS provider for its free Polygon and Fantom RPC service.

It wasn’t the only change discussed in light of Friday’s incident.

Polygon is looking into longer-term solutions that would prevent a repeat of Friday’s breach, according to chief information security officer Mudit Gupta. 
“We are also working on a more decentralized alternative as a research project and a foundation owned RPC node for more reliability,” he tweeted.

Read the original post on The Defiant