Several DeFi apps have been targeted by a domain hijacker who may have discovered an exploit in Squarespace’s registry system, Blockaid stated.
Multiple decentralized finance (DeFi) apps have been targeted in a domain registry attack on July 11, according to an X post from blockchain security platform Blockaid. The attacker has taken control of the DNS registry for Compound Finance and has attempted but failed to take control of Celer Network’s registry.
After a preliminary investigation, Blockaid concluded that the attacker is targeting domain names provided by Squarespace, potentially putting any DeFi app with a Squarespace domain at risk.
Security researchers first became aware of the attack when the Compound interface at compound.finance began redirecting to a malicious website. The malicious site was equipped with a drainer app that attempted to steal users’ tokens.
