SNEAK PEEK
- Changpeng Zhao of Binance recently stated that no Web3 projects should use GoDaddy DNS as it is insecure and prone to social engineering.
- This comes amid Curve.Finance got its DNS hijacked in the past hour when a hacker put a malicious contract on the home page.
- The malicious contract led to the damage of around $570K, and the situation is currently being monitored.
In a recent Twitter thread, the CEO of the popular crypto exchange Binance, Changpeng Zhao, revealed that Curve. Finance got its DNS hijacked early on August 10.
This happened when a malicious contract was put by a hacker on the home page. As soon as the victim approves the contract, the wallet will be drained on the spot. Till now, a loss of around $570k has been noted, and the situation is being monitored at present.
Curve. finance had their DNS hijacked in the past hour. Hacker put a malicious contract on the home page. When the victim approved the contract, it would drain the wallet. Damage is around $570k so far. We are monitoring.
— CZ 🔶 Binance (@cz_binance) August 9, 2022
Adding further to the thread, CZ revealed that Curve.Finance utilizes GoDaddy for DNS, which is highly insecure. He spoke against the use of GoDaddy for Web3 projects and stated that no Web3 projects should be using GoDaddy as it is highly susceptible to social engineering.
In addition, CZ clarified that he is not making any product recommendations or endorsements. However, he wanted users to pay attention to conducting some research on what Google, Microsoft, and Apple are using.
I don’t want to make product recommendations. But I recommend researching what Google, Apple, Microsoft use. I don’t know/remember which specific providers they use. There are a few secure ones.
— CZ 🔶 Binance (@cz_binance) August 10, 2022
He revealed that, at present, he is unaware of the specific DNS providers that these giants are using, but he is sure of one thing they are a few of the most secure ones. Unfortunately, this marks another exchange going down to dust, adding to the list of exchanges and wallets being compromised this year.
The crypto community thanked CZ for his prompt response while in the middle of dealing with protecting users.