AltcoinCryptocurrencyDeFi

Cream Finance Criticizes GoDaddy for DNS Attack

Three days ago, a lot of Defi protocols built on the Binance Smart Chain platform announced on the bird app that they were experiencing a DNS attack. Hence, their sites weren’t accessible for the better part of that day. Today, Cream Finance has reported that they didn’t suffer any financial loss after the attack. It further disclosed that none of their smart contracts had any problem. Also, their partners and community were highly instrumental in helping them regain control of its DNS.

Cream Finance Tweet. Source: Twitter

Can GoDaddy Be Complicit in The Attack?

Cream Finance reported that the hacker attacked through its GoDaddy account where it registered its domain name. Thus, making it possible to redirect the domain name to a fictitious website. However, after a few hours, it reclaimed access to that domain name. Once the attacker hacked cream’s GoDaddy account, his first step was to change its domain records in there.

However, Cream Finance used Cloudflare’s security protocol to initiate a migration process. Then, it sought the help of Coingecko, Coinmarketcap and other leading industry analytics platform to upgrade the web link and deliver a warning. After reclaiming control, the Defi protocol utilized a decentralized frontend in the interplanetary file system (IPFS). Through the IPFS, Cream will never need to rely on a centralized as it is now in complete control.

📰 Also read:  Trading Volume vs. Onchain Volume - What is the Difference?

A company representative stated that: “compared to GoDaddy, we can completely manage the ENS record. Thus, it would be highly unlikely that similar attacks will happen in the future.” The Cream also disclosed that access to the account is only possible through a Google single Sign-on (SSO), and since that won’t require a username and password, the google account manipulated.

Based on GoDaddy’s activity log, the attacker’s email address received a dubious password reset request. But, it didn’t log any request for a change in the email address. Curiously, it was impossible to have access to all GoDaddy’s activity logs during that period. Thus, arousing suspicions about the domain registrar company. When it tried to access all the logs, it received an error message: “unexpected error.”

But then, when Cream logged into its GoDaddy account and made some minor tweaks, the activity log was fully functional. Coincidentally, PancakeSwap experienced the same DNS attack. They too are built on BSC and their domain name was also registered with GoDaddy.

The hacker also used the same method to hack Cream Finance and PancakeSwap. Hence, cream concluded that it was the same hacker that tried to exploit both companies. Thus, they are implying that GoDaddy might be involved in the attack and who knows, they might be the ones that initiated the attack.

📰 Also read:  Price Analysis November 7th, 2024 - BTC, SOL, BNB, ETH, and DOGE

What Can We Learn from All This Situation?

First, much work still needs to be done about Defi protocols, especially on how their operations can rely less on centralized platforms such as amazon, google and GoDaddy. Since the finance market is still at its infant stage, Defi protocols will remain at the mercy of these tech giants till a properly decentralized platform is established.


Tokenhell produces content exposure for over 5,000 crypto companies and you can be one of them too! Contact at info@tokenhell.com if you have any questions. Cryptocurrencies are highly volatile, conduct your own research before making any investment decisions. Some of the posts on this website are guest posts or paid posts that are not written by Tokenhell authors (namely Crypto Cable , Sponsored Articles and Press Release content) and the views expressed in these types of posts do not reflect the views of this website. Tokenhell is not responsible for the content, accuracy, quality, advertising, products or any other content or banners (ad space) posted on the site. Read full terms and conditions / disclaimer.

📰 Also read:  Trading Volume vs. Onchain Volume - What is the Difference?

Shelly Melancon (Switzerland)

Shelly is a cryptocurrency enthusiast from Switzerland, she bought her first crypto in 2015 when it was way less popular then it is today and since 2017 she has been writing about cryptocurrency for online news portals. Shelly is the newest addition to the Tokenhell team, she writes mostly news and reviews related articles , stay tuned to her posts to stay up to date with the crypto world.

Leave a Reply

Your email address will not be published. Required fields are marked *

Back to top button
Close
Skip to content