DeFi Exchange Overcomes DNS Attack: Ambient Finance Recovers Domain
In a recent cybersecurity breach, Ambient Finance, a decentralized finance (DeFi) platform, successfully regained control of its domain after a domain name system (DNS) attack compromised its website. The attack occurred on October 17, 2024, when hackers gained control of the platform’s domain and inserted malicious links to steal assets. However, Ambient Finance reassured users that their smart contracts and funds remained safe throughout the incident.
Ambient Finance, founded in 2021, operates as a decentralized exchange (DEX) and raised $6 million in a seed round last year with support from major investors including Blocktower and Circle Ventures.
The DNS attack targeted Ambient Finance’s domain registrar credentials, allowing hackers to take control of the website interface. While the front end of the platform was compromised, the backend smart contracts and on-chain infrastructure remained unaffected. The Ambient Finance team promptly alerted users on social media, advising them not to interact with the site or perform any transactions. They recommended waiting for further updates before returning to the platform.
After two hours, Ambient Finance announced that they had recovered the domain. However, due to DNS propagation delays, users were advised to wait until the domain updates were fully completed before interacting with the site. The attack utilized a malware called Inferno Drainer, known for its ability to steal digital assets. Cybersecurity firm Blockaid analyzed the attack and discovered that the server used for the hack was set up just 24 hours before the breach occurred.
DNS-based attacks have become increasingly common in recent months, with other DeFi platforms like Ethena Labs also experiencing similar breaches. These attacks exploit vulnerabilities in a platform’s web infrastructure, particularly its domain registration, in order to deceive users into revealing sensitive information or engaging in malicious transactions. While the integrity of smart contracts and on-chain infrastructure is generally secure, front-end vulnerabilities like DNS attacks pose significant risks to users.
The quick recovery of Ambient Finance’s domain prevented further damage. However, the threat of cyber attacks in the DeFi space remains substantial. In the third quarter of 2024, crypto hacks and scams resulted in $413 million in losses, a decrease from the $686 million lost during the same period in 2023. Although the overall number of attacks may have decreased, the report highlights the ongoing risk to DeFi platforms.
In the most recent attack, Radiant Capital, a Binance-backed cross-chain lending protocol, was hacked on October 17, resulting in the theft of over $50 million in assets.
