In an alarming development, the crypto exchange dYdX has announced that its version 3.0 website has been compromised in a sophisticated DNS attack. According to a social media post from the exchange’s team, an attacker has installed a malicious program on the official domain for dYdX v3, which is located at dydx.exchange.
Users are being urgently advised not to visit the v3 website or click any links associated with it until further notice. The team reassured users that the version 4.0 platform on the Cosmos blockchain remains secure and fully operational.
Despite the breach, dYdX has confirmed that the app’s smart contracts and user funds are safe. The issue is isolated to the user interface, meaning that deposits should not be at risk. However, users are cautioned against attempting withdrawals via the compromised site.
The modus operandi of the dYdX website attack appears to be similar, targeting users’ wallets once connected. If a user with an active wallet connects to the site and signs a request, their account could be drained of its funds.
As of now, the dYdX team has not provided specific details on how the domain name was hijacked. However, DNS hijacking attempts against Web3 protocols have been on the rise.
This incident highlights the growing threat of DNS hijacking in the crypto space and underscores the importance of vigilance and robust security measures. Users are encouraged to stay informed through official channels and avoid interacting with potentially compromised platforms.