Ether.fi foils domain hijack attempt, credits enhanced security measures

2 months ago

DeFi protocol Ether.fi reported an attempted domain relationship takeover connected Sept. 24 involving its domain registrar, Gandi.net, according to a Sept. 25 github post by the protocol.

According to Ether.fi, the incidental saw attackers effort to exploit Gandi’s betterment process to summation power of Ether.fi’s domain. The archetypal denotation of the breach came astatine 16:38 UTC erstwhile the squad received an email betterment notification from Gandi.

After verifying the email’s SPF, DKIM, and DMARC records, the squad confirmed that attackers had attempted to entree their relationship by utilizing Gandi’s morganatic betterment flow.

Ether.fi promptly engaged Gandi connected aggregate platforms, and by 19:30 UTC, the relationship was successfully locked to forestall further tampering. The institution restored its nameserver configurations, and an interior reappraisal recovered nary grounds of a breach wrong its systems.

Ether.fi said:

“In airy of caller attacks connected akin platforms, we had already upgraded information by enforcing hardware authentication crossed cardinal systems.”

It further noted that these preventive steps helped unafraid their infrastructure. Gandi’s accelerated response, combined with Ether.fi’s safeguards prevented unauthorized entree to the domain and ensured the information of their websites, applications, and email services.

Ether.fi expressed gratitude to its information partners, including Seal911, Doppel, Ethena, and Distrust, who offered contiguous assistance during the incident.

The protocol assured users that each funds remained harmless and nary malicious decentralized applications (dApps) were deployed. It added that it would merchandise further details astir the incidental successful the coming days successful coordination with Gandi’s team.

The station Ether.fi foils domain hijack attempt, credits enhanced information measures appeared archetypal connected CryptoSlate.

View source