Blockchain Firm Unsure if Customers Affected by Banking Fraud
The blockchain framework provider doesn't know if any of its users were affected by the banking fraud since the funds of the firm's clients weren't stolen.
Ankr, a company that provides node endpoints, staking services, and other products to proof-of-stake blockchains, is known for its work with Web3 infrastructure. On Friday, a hacker used Ankr's domain name system (DNS) to trick users on the Polygon and Fantom networks into forfeiting their seed phrases in a scam-like pop-up. The project soon corrected the human mistakes and stated that no funds were lost because of this incident.
Attackers have tried to penetrate the Polygon and Fantom networks by exploiting their gateways.
Soon after independent security researcher "CIA Officer" revealed the attack, Polygon CTO Mudit Gupta took to Twitter again and urged users to use alternative services while things were being fixed. At the same time, he identified the leading player responsible for this infrastructure failure:
We’ll work closely with Ankr to ensure this does not happen again.
We are also working on a more decentralized alternative as a research project and a foundation owned RPC node for more reliability.
— Mudit Gupta (@Mudit__Gupta) July 1, 2022
Ankr released a full statement on Twitter shortly after the attack, assuring users that it had been quickly "neutralized." In addition, the firm said that only two free-to-use public remote procedure call (RPC) interfaces for Fantom and Polygon were breached on an external site; all core services were unaffected, according to Ankr.
The exploit took place when the hacker reportedly deceived a third-party DNS provider and tricked Gandi, Ankr's web service provider, into changing the email address for the domain registrar account.
Through this method, users who accessed blockchains through Ankr's endpoints received a phishing pop-up that asked them to urgently reset their seed on PolygonApp. If affected users' seed phrases were stolen, the hackers could steal their funds.
Although Ankr is still trying to understand what Gandi accepted as proof for this change, the compromise may have something to do with its domains as "a centralized point of failure."
3/ Current status:
At this moment, Ankr has fully regained access to our Domain account, and our services are restored. None of Ankr’s systems were affected.
— Ankr (@ankr) July 1, 2022
In October 2017, the company's database was hacked.
It's no longer uncommon for a third party's error to lead to crypto platforms being compromised. Just days ago, the largest NFT marketplace, OpenSea, reported a data breach and blamed it on an employee of Customer.io, a third-party platform hired by the company.
OpenSea warned its customers to be on the lookout for suspicious emails, phone calls, and messages after a leak of data about its customers was publicized.