DNS Attack Hits Two Polygon, Fantom Front Ends
- On Friday, Polygon reported that two Ankr-provided gateways were abused, although there are. No signs that any money was stolen.
- Decentralized Applications (DApps) that made use of the RPC endpoint are temporarily inaccessible, according to Gupta.
- Ankr, the Web3 infrastructure platform, has reclaimed access to its RPC accounts, according to Gupta.
The two gateways that were exploited on Friday are provided by Ankr. However, Polygon has stated that there are no indications any funds were lost as a result of the attack. It is not yet known how the attackers were able to exploit the gateways.
However, Polygon is working closely with Ankr to investigate the matter and find out how to prevent such attacks in the future. In the meantime, Polygon has advised users to be vigilant when using any gateway providers and to report any suspicious activity immediately.
Developers said that a domain name system (DNS) hijacking incident on Friday affected two remote procedure call (RPC) interfaces for the Polygon and Fantom blockchains.
A client, like MetaMask, may communicate with a blockchain via a set of protocols known as RPC. On the other side, DNS hijacking is a sort of cyberattack in which user requests are changed to drive people to dangerous websites.
According to Mudit Gupta, the chief information security officer at Polygon,
Public RPC gateway supplied by Ankr for Polygon and Fantom was breached via DNS hijack earlier today. Until this is repaired, use Alchemy or another.
Gupta described the attack as a “middleware exploit” in a Twitter direct message to CoinDesk. “No funds lost as far as we know, but we are still investigating,” he continued.
Web3 infrastructure platform Ankr has regained access to its RPC accounts as of the time of writing, Gupta continued. This means that decentralized applications (DApps) that used the RPC interface are once again accessible. Gupta advised anyone who was using a DApp during the outage to take precautions against possible phishing attacks.
Gupta stated that the Web3 infrastructure platform Ankr has reclaimed access to its RPC accounts as of the time of writing. This means that Decentralized Applications (DApps) that used the RPC interface are once again accessible. However, because there was an extended period of time during which the DApps were inaccessible, Gupta advised anyone who was using a DApp during the outage to take precautions against possible phishing attacks.