DeFi Platforms under Phishing and DNS Hijack Attacks

This year, several attacks have hit crypto exchange platforms that are managed through DeFi protocols. DeFi stands for decentralized finance; it means that the financial transaction instruments and space are created by the custodians of crypto funds. Crypto exchange platforms that use DeFi are free from association with any centralized authority such as a bank or stock exchange. In this case, the creators of the blockchain act as the owners or custodian authorities.

A recent tweet from the crypto exchange platform PancakeSwap has confirmed that its site has been compromised. Traditional exchange platforms exchange assets through a central authority, which improves transaction transparency and confirmation. DeFi exchanges, on the other hand, are facilitated by code that allows assets to move from one place to another. This type of decentralized transfer falls under the non-custodial model, a system that limits access. The official PancakeSwap Twitter account, @PancakeSwap, has asked users to stop using the site while the team works on a recovery strategy.

DeFi Protocol Turning into a High-Risk Investment

According to a report by blockchain data company Chainalysis, 50% of total cyber-attacks in 2020 were on platforms using DeFi protocols. CipherTrace CEO Dave Jevans believes that DeFi protocols are lacking in due diligence. Due to the absence of formal cyber-security audits, users are exposed to undetected loopholes and bugs in the code. Another crypto service, Cream, has recently confirmed that its DNS has been hijacked and has disabled its site until further notice.

The frequent hacks on DeFi contributed to crypto criminals making a total profit of $1.9 billion in 2020. However, these numbers show a downward trend from 2019, when cybercrime damages amounted to $4.5 billion. Due to the increasing number of crypto platforms, users sometimes also fall victim to crypto fraud schemes. WoToken was a massive fraudulent crypto scheme that robbed its users of a collective sum of $1.1 billion. This was the biggest crypto crime registered in 2020.

How Hackers Get Access to Wallets of Registered Users

Investing in DeFi protocols carries a lot of risk. However, it should be noted that there are no instances where users are required to input their seed phrase or private keys into a browser application while interacting with DeFi. The users of PancakeSwap and Cream Finance have been prompted to enter their private keys or seed phrase into a malicious interface that allows the hackers to access their wallets.

In terms of volume, PancakeSwap and Cream Finance are the two biggest DNS hijacks of 2021 thus far. Both sites are registered with GoDaddy. IT protocol experts suspect that attackers hijacked the service provider's team accounts to enable a DNS routing point change for these domains. Users of these platforms are being intercepted by a phishing message that prompts them to enter sensitive details into malware. Both of these projects are deployed on Binance Smart Chain.
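A DNS routing change of the kind suspected here can be caught from the operator's side by comparing what resolvers return against a pinned baseline. The following is an added example, not code from either project; the domain, name servers, address ranges and resolver labels are all constructed placeholders.

```python
import ipaddress

# Constructed baseline: what the operator expects for its own front-end domain.
BASELINE = {
    "dex.example": {
        "ns": {"ns1.dns-host.example", "ns2.dns-host.example"},
        "a_networks": ["192.0.2.0/24"],
    }
}

# Constructed observations, as if collected periodically from several resolvers.
OBSERVATIONS = [
    {"domain": "dex.example", "resolver": "r1",
     "ns": ["ns1.dns-host.example", "ns2.dns-host.example"], "a": ["192.0.2.10"]},
    {"domain": "dex.example", "resolver": "r2",
     "ns": ["ns1.other-host.example", "ns2.other-host.example"], "a": ["203.0.113.66"]},
    {"domain": "dex.example", "resolver": "r3",
     "ns": ["NS1.dns-host.example.", "ns2.dns-host.example"],
     "a": ["192.0.2.11", "198.51.100.7"]},
]

def _norm(name):
    """Compare host names case-insensitively and without the trailing dot."""
    return name.rstrip(".").lower()

def check_observation(obs, baseline=BASELINE):
    """Return a list of (finding, detail) tuples for one resolver's answer."""
    expected = baseline.get(obs["domain"])
    if expected is None:
        return [("unknown-domain", obs["domain"])]
    findings = []
    # A changed delegation is the strongest sign of a registrar-level change.
    unexpected_ns = {_norm(n) for n in obs["ns"]} - expected["ns"]
    if unexpected_ns:
        findings.append(("ns-changed", sorted(unexpected_ns)))
    # Addresses outside the pinned hosting ranges point users somewhere new.
    nets = [ipaddress.ip_network(n) for n in expected["a_networks"]]
    stray = [a for a in obs["a"]
             if not any(ipaddress.ip_address(a) in n for n in nets)]
    if stray:
        findings.append(("a-outside-baseline", stray))
    return findings

def scan(observations, baseline=BASELINE):
    """Map resolver label -> findings, omitting resolvers with clean answers."""
    report = {}
    for obs in observations:
        findings = check_observation(obs, baseline)
        if findings:
            report[obs["resolver"]] = findings
    return report
```
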
