- Squarespace domain issues expose over 100 DeFi protocols to phishing attacks.
- Web3 experts recommend pausing crypto interactions and moving domains to more secure providers.
- Blockchain-based domain verification could prevent similar incidents in the future.
The decentralized finance (DeFi) community is facing significant security threats due to a vulnerability in Squarespace’s domain management system. This flaw has already led to phishing attacks targeting several major DeFi protocols, prompting a response from both industry experts and affected companies.
Initially, the issue came to light when security researcher ZachXBT warned users through a Telegram post about a phishing site that had replaced the legitimate Compound Finance website. This incident marked one of the first major exploits resulting from the vulnerability.
Addressing Immediate Threats
Following the Compound Finance incident, other DeFi platforms, including Celer Network, reported similar attack attempts. Celer Network managed to fend off the phishing attempt.
In an effort to help the community gauge the extent of the threat, DefiLlama developer “0xngmi” compiled and shared a list highlighting over 100 DeFi protocols that were potentially vulnerable to similar attack vectors. Notable names on the list included Polymarket, dYdX, and Pendle Finance.
Strategic Responses and Recommendations
As the situation developed, Bobby Ong, the founder of CoinGecko, shed light on the origins of the vulnerability. He explained that the transition of Google’s domain business to Squarespace led to the removal of two-factor authentication (2FA), significantly weakening security measures and making numerous domains prone to hijacking.
In response to these security lapses, Ong strongly advised the DeFi community to halt all crypto transactions until the vulnerability was fully addressed, suggesting a temporary retreat from crypto activities as the safest course of action.
At the same time, security researcher samczsun recommended that those impacted consider transferring their domain registrations to more secure providers such as Cloudflare or Amazon Web Services Route 53. This move could provide an added layer of security against such vulnerabilities.
Long-Term Solutions Through Blockchain Technology
Matthew Gould, CEO of Unstoppable Domains, proposed a blockchain-based solution to bolster domain security. He explained how verified on-chain records for domains could provide an additional verification layer that browsers and other services could utilize to prevent similar attacks in the future. Moreover, he discussed the possibility of enhancing security by requiring on-chain signatures for any updates to DNS records, which would complicate unauthorized changes by hackers.