By Shelly Melancon (Switzerland)
Three days ago, a lot of Defi protocols built on the Binance Smart Chain platform announced on the bird app that they were experiencing a DNS attack. Hence, their sites weren’t accessible for the better part of that day. Today, Cream Finance has reported that they didn’t suffer any financial loss after the attack. It further disclosed that none of their smart contracts had any problem. Also, their partners and community were highly instrumental in helping them regain control of its DNS.
Cream Finance Tweet. Source: Twitter
Can GoDaddy Be Complicit in The Attack?
Cream Finance reported that the hacker attacked through its GoDaddy account where it registered its domain name. Thus, making it possible to redirect the domain name to a fictitious website. However, after a few hours, it reclaimed access to that domain name. Once the attacker hacked cream’s GoDaddy account, his first step was to change its domain records in there.
However, Cream Finance used Cloudflare’s security protocol to initiate a migration process. Then, it sought the help of Coingecko, Coinmarketcap and other leading industry analytics platform to upgrade the web link and deliver a warning. After reclaiming control, the Defi protocol utilized a decentralized frontend in the interplanetary file system (IPFS). Through the IPFS, Cream will never need to rely on a centralized as it is now in complete control.
Also read:A company representative stated that: “compared to GoDaddy, we can completely manage the ENS record. Thus, it would be highly unlikely that similar attacks will happen in the future.” The Cream also disclosed that access to the account is only possible through a Google single Sign-on (SSO), and since that won’t require a username and password, the google account manipulated.
Based on GoDaddy’s activity log, the attacker’s email address received a dubious password reset request. But, it didn’t log any request for a change in the email address. Curiously, it was impossible to have access to all GoDaddy’s activity logs during that period. Thus, arousing suspicions about the domain registrar company. When it tried to access all the logs, it received an error message: “unexpected error.”
But then, when Cream logged into its GoDaddy account and made some minor tweaks, the activity log was fully functional. Coincidentally, PancakeSwap experienced the same DNS attack. They too are built on BSC and their domain name was also registered with GoDaddy.
The hacker also used the same method to hack Cream Finance and PancakeSwap. Hence, cream concluded that it was the same hacker that tried to exploit both companies. Thus, they are implying that GoDaddy might be involved in the attack and who knows, they might be the ones that initiated the attack.
What Can We Learn from All This Situation?
First, much work still needs to be done about Defi protocols, especially on how their operations can rely less on centralized platforms such as amazon, google and GoDaddy. Since the finance market is still at its infant stage, Defi protocols will remain at the mercy of these tech giants till a properly decentralized platform is established.
At Tokenhell, we help over 5,000 crypto companies amplify their content reach—and you can join them! For inquiries, reach out to us at info@tokenhell.com. Please remember, cryptocurrencies are highly volatile assets. Always conduct thorough research before making any investment decisions. Some content on this website, including posts under Crypto Cable, Sponsored Articles, and Press Releases, is provided by guest contributors or paid sponsors. The views expressed in these posts do not necessarily represent the opinions of Tokenhell. We are not responsible for the accuracy, quality, or reliability of any third-party content, advertisements, products, or banners featured on this site. For more details, please review our full terms and conditions / disclaimer.