Two Polygon, Fantom Front Ends Hit by DNS Attack

Two gateways provided by Ankr were exploited on Friday, but Polygon said there are no indications any funds were lost.

AccessTimeIconJul 1, 2022 at 1:36 p.m. UTC
Updated Jul 1, 2022 at 3:27 p.m. UTC
Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

Shaurya is the Co-Leader of the CoinDesk tokens and data team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.

Consensus 2023 Logo
Join the most important conversation in crypto and Web3 taking place in Austin, Texas, April 26-28.

Two remote procedure call (RPC) interfaces for the Polygon and Fantom blockchains were impacted in a domain name system (DNS) hijack attack on Friday, developers said.

RPC refers to a set of protocols that allow a client, such as MetaMask, to interact with a blockchain. DNS hijacking, on the other hand, is a type of cyber attack in which queries are manipulated in order to redirect users to malicious sites.

“Public RPC gateway provided by Ankr for Polygon (https://polygon-rpc.com) and Fantom (https://rpc.ftm.tools) were comprised via DNS hijack earlier today,” tweeted Mudit Gupta, Polygon's chief information security officer. “Use Alchemy or others while this is fixed.”

Gupta told CoinDesk in a Twitter direct message that the attack was a “middleware exploit.” He added: “No funds lost as far as we know but we are still investigating.”

Gupta added that decentralized applications (dapps) that used the RPC endpoint are currently unavailable. Meanwhile, at writing time, Gupta noted that Web3 infrastructure platform Ankr had regained access to its RPC accounts.

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

CoinDesk - Unknown

Shaurya is the Co-Leader of the CoinDesk tokens and data team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.


Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.


CoinDesk - Unknown

Shaurya is the Co-Leader of the CoinDesk tokens and data team, focusing on decentralized finance, markets, on-chain data, and governance across all major and minor blockchains.


Read more about