A security flaw in Squarespace domains has exposed the decentralized finance (DeFi) sector to phishing attacks. On July 11, security researcher ZachXBT alerted the community to avoid the Compound Finance website, which had redirected users to a phishing site. This vulnerability raises significant concerns for multiple DeFi protocols and users’ online safety.
New Attack Method in the Web3 Space
The first known victim of this vulnerability was the DeFi protocol Compound Finance. Subsequently, Celer Network reported a similar attack but managed to prevent any breach. DefiLlama developer 0xngmi identified over 100 protocols, including Polymarket, dYdX, and Pendle Finance, as susceptible to the same attack vector. This widespread risk underscores the urgent need for enhanced security measures within the DeFi ecosystem.
CoinGecko founder Bobby Ong explained that the attacks stemmed from Squarespace’s domain registrar. After Google sold its domain business to Squarespace, mandatory domain transfers led to the removal of two-factor authentication (2FA), leaving domains vulnerable to attacks. Ong advised the community to refrain from engaging in crypto activities until the issue is resolved.
Notable Statements on the Issue
Security expert Samzsun suggested affected users consider transferring their domains to providers like Cloudflare, Amazon Web Services Route 53, MarkMonitor, and CSC DBS. Unstoppable Domains (UD) CEO Matthew Gould emphasized the potential of Web3 domains in preventing such attacks by creating verified on-chain records for added security.
Practical Security Recommendations
- Transfer domains to providers with robust security features like Cloudflare or Amazon Web Services Route 53.
- Implement verified on-chain records for domains to add an extra layer of browser protection.
- Configure DNS records to be non-updatable without a verified on-chain signature.
- Ensure record updates require signatures from user wallets to mitigate the risk of domain tampering.
In conclusion, the recent security vulnerability in Squarespace domains poses a significant threat to the DeFi sector. Security experts recommend immediate action, including transferring domains to more secure providers and implementing on-chain signatures to safeguard against phishing attacks. Until these measures are in place, users are advised to limit their interactions with crypto platforms.
