Ether.fi, a liquid restaking protocol, recently emerged victorious over an effort to capture its domain on September 24. The attackers attempted to seize the platform’s domain through the registrant Gandi net.
Ether.fi responded quickly, and its security arrangements remained smooth to ensure no user funds or services were impacted.
The event started when Ether.fi received an email for domain recovery from Gandi.net. This led to an instant security response like the SPF, DKIM, and DMARC tests performed on the email coming through. When Ether.fi identified the likely risk, it froze its domain account immediately to prevent further manipulation.
As soon as Ether.fi became aware of the domain’s involvement in the attack, it reached out to Gandi.net through different means to safeguard the domain.
By 7:30 PM UTC, Gandi had confidently bought the domain and did not allow anyone to change it. This tried and failed, but Ether.fi quickly clarified that the attack did not penetrate any internal systems and users’ funds were not in danger.
Ether.fi Averts Domain Hijack with Swift Action
According to Ether.fi, it was able to respond to and avoid the attack because of specific security measures, such as hardware authentication. These measures helped to cover essential sites during the domain hijacking attempt and were of great importance for their protection.
Another significant factor in keeping control of the firm’s structure was its use of precise domain registrar security measures.
Gandi.net’s senior domain administrators identified and managed the threat through internal monitoring tools that strengthened Ether.fi’s domain protection.
Ether.fi only urged users not to visit the website until every function was checked and ratified. The company has also come out to reassure its users that the data or funds were not compromised and that operations have begun securely.
While Ether.fi investigates, the company works with Gandi.net to learn more about the attack. Both parties hope to complete a report in the next 48 hours. Ether.fi’s case is cautionary, as the DeFi ecosystem still grapples with weak domain security.
DeFi Firms Face Rising Cybersecurity Challenges
Ether.fi’s recent domain takeover is another recent example of security events in DeFi platforms. Recent attacks have exposed various areas of weakness across the sector, forcing firms to strengthen their protection regimes.
Despite the lack of success in most cases, we continue to see them threaten the integrity of user data and funds.
For instance, Ethena Labs had a similar experience this month when its domain registrar account was hacked.
However, the audience should know that even though the Ethena site ceased for a while, the users’ funds and the actual protocol remained intact. Ethena Labs warned users to be suspicious of any site that claimed to be affiliated with the company.
The suspects also targeted another cryptocurrency trading bot, Banana Gun, on September 19. The cybercriminals exploited some code weaknesses in the bot and siphoned off nearly $2 million in crypto coins. Such occurrences call for improved security measures to be implemented and adopted by the DeFi industry.
