- dydx.exchange recovered after a DNS hijack, urging users to clear their cache to avoid the compromised site.
- dYdX v3 platform compromised as attackers created a fake site to steal tokens; v4 platform remains secure.
- Despite recovery, wallet extensions like MetaMask and Phantom may still show warnings when connecting to dydx.exchange.
The decentralized crypto-exchange dYdX announced that it has successfully recovered its website, dydx.exchange, following a DNS hijacking attack that compromised the site. The recovery was completed by dYdX Trading Inc., who warned users to clear their cache to avoid interacting with the malicious version of the site.
dYdX v3 Platform Compromised
The incident began on July 23, 2024, when dYdX’s on-chain trading service, specifically the v3 platform, was compromised. The company swiftly alerted users via social media, advising them to avoid visiting the site until further notice. The hijacking did not affect the underlying smart contracts, thus traders’ funds remained secure.
Fake Website Created to Steal Tokens
In an official statement, dYdX clarified that the attacker had taken control of the v3 domain and created a clone of the website. This fake site tricked users into approving transactions that allowed the attacker to steal valuable tokens. Despite the severity of the attack, the dYdX v4 platform, which handles a significantly higher volume of trading, remained unaffected. The timing of the attack was particularly notable as it coincided with reports from Bloomberg that dYdX v3 was up for sale, attracting interest from major market players like Wintermute.
dYdX Team Recovers Website in Three Hours
Within three hours of the initial compromise announcement, the dYdX team managed to restore control over the dydx.exchange website. They then issued instructions for users to clear their browser caches to ensure they would not accidentally access the compromised version of the site.
Despite the recovery, some wallet extensions such as MetaMask and Phantom may still show warnings when connecting to the site. dYdX assured users that these warnings should be resolved shortly and reiterated that other services like the dYdX Chain and the v3 Protocol were never compromised and remain safe to use.
Increase in Crypto Hacks in 2024
This incident follows a recent significant hack on the Indian cryptocurrency exchange WazirX, where over $230 million was stolen, marking it as the second-largest crypto hack of 2024. The surge in such cyber-attacks highlights the ongoing vulnerabilities within the crypto space.
North Korean Hackers Suspected in $235 Million WazirX Cryptocurrency TheftAccording to a report by Merkle Science, the first quarter of 2024 saw hackers steal $542.7 million worth of digital assets, a 42% increase from the same period in 2023. The majority of these losses were attributed to private key leaks rather than smart contract vulnerabilities, which have seen a substantial decline in associated losses.