BleepingComputer reports that decentralized finance cryptocurrency exchange dYdX had its older v3 trading platform's website recovered after being breached in an intrusion believed to be part of the DNS hijacking attacks against DeFi platforms with Squarespace-registered domains.
With the impacted site potentially still being cached, users have been urged by dYdX to ensure that their browsers are restarted and caches cleared before visiting the website. "A fix to the DNS resolution has been implemented. However, due to caching, the issue may not be fixed for every user yet," said dYdX, which noted that the incident has not compromised smart contracts and funds on v3. Such a disclosure comes after Google Domain-registered web domains that transitioned to Squarespace were reported by cybersecurity researchers samczsun, Andrew Mohawk, and Taylor Monahan to have been taken over by threat actors through a vulnerability that deactivated management accounts' multi-factor authentication protections. Additional details regarding the domain hijacking process remain a mystery.
