Two cryptocurrency projects simultaneously hit by DNS hijacking attacks
Now a days Two cryptocurrency portals are recently dealing with DNS hijacking attacks, i just want to let you know that are automatically redirecting the visitors to the malicious versions of their websites where hackers are trying to collect the seed phrases and private keys from the innocent visitors so they can access their wallets and steal money.
so you should be very careful because according to the messages posted by both companies on their official Twitter accounts, On March 15, 2021, Cream Finance’s DeFi project and PancakeSwap decentralized swap were cumulatively hit by the DNS attacks. Ergo, the visitors ended up on malicious sites, where the hackers tried to find out their seed phrases and secret keys in order to gain the access to wallets and steal their funds.
According to the information security specialists, who broke The Record sooner today, the same hackers is believed to be behind the both incidents as DNS records for both websites were automatically changed only in one minutes.
you should also know that Once the DNS records were pointed to the hackers IP addresses, visitors going to both websites were automatically redirected to the phishing websites where the hackers tried to collect the seed phrases and secret keys while using pop-ups same like the one shown below.
whereas, the nasty attackers could apparently conciliation the web hosting accounts of both the companies, and it is also possible that the employee of the GoDaddy was attacked but This may not be the possible also . But the question is whether this is the first incident, So it is very unfortunate that this is not a poly phenomenon like this: in March and November of last year, the employees of GoDaddy have already become victims of phishers.
Then the attackers easily penetrated the compromised system and altered the DNS for a number of resources referential to cryptocurrency and we hosting, including Escrow.com, Liquid.com, NiceHash.com, Bibox.com, Celsius.network, and Wirex.app.
Recently, the representatives of Cream Finance and PancakeWrap report that they have almost domain control, and that it is safe for most users to visit the sites