Several crypto projects are facing a significant risk due to a domain breach on Squarespace. Security experts are urging these projects to strengthen their security measures by enabling two-factor authentication (2FA) on Squarespace.
The breach, which was reported by Oxngmi, the developer of DeFiLlama, has put over 100 crypto projects at risk, including big names like Polymarket, Hyperliquid, dYdX, and THORChain. Blockaid, a blockchain security firm, confirmed that malicious actors have gained control of the DNS registry for projects like Compound Finance and Celer Network, redirecting visitors to a page designed to drain funds from their wallets.
New projects like Unstoppable Domains and DeFi project Pendle have also reported domain name hacks, highlighting the ongoing security threats in the crypto space. Matthew Gould, the CEO of Unstoppable Domains, warned users to be cautious of clicking on any links as attackers are attempting to create fake websites and spread phishing emails.
The cause of the attack has been traced back to a security breach in Squarespace’s domain registrar. Bobby Ong, the founder of CoinGecko, explained that Google’s sale of its domain business to Squarespace resulted in the removal of 2FA due to forced domain migration, leaving many domains vulnerable to attacks.
DeFi project Pendle emphasized the scale of the attack and noted that security experts are still investigating the exact mechanism behind the hijackings. ICANN’s domain transfer policies are preventing affected projects from transferring their domains away from Squarespace for approximately 20 days.
In response to the breach, security experts recommend that affected projects enable 2FA on Squarespace, remove excess contributor accounts and reseller access, revert all changes to DNS records, and eliminate unnecessary admins from accounts. They also suggest considering alternative domain providers like Cloudflare, Amazon Web Services, MarkMonitor, and CSC DBS for enhanced security.
As the situation continues to unfold, it is crucial for crypto projects to prioritize their security measures and take proactive steps to safeguard their domains and user funds from malicious actors. Stay tuned for updates on this developing story.