Two Polygon, Fantom Front Ends Hit by DNS Attack
Two gateways provided by Ankr were exploited on Friday, but Polygon said there are no indications any funds were lost.
Two remote procedure call (RPC) interfaces for the Polygon and Fantom blockchains were impacted in a domain name system (DNS) hijack attack on Friday, developers said.
RPC refers to a set of protocols that allow a client, such as MetaMask, to interact with a blockchain. DNS hijacking, on the other hand, is a type of cyber attack in which queries are manipulated in order to redirect users to malicious sites.
“Public RPC gateway provided by Ankr for Polygon (https://polygon-rpc.com) and Fantom (https://rpc.ftm.tools) were comprised via DNS hijack earlier today,” tweeted Mudit Gupta, Polygon's chief information security officer. “Use Alchemy or others while this is fixed.”
Gupta told CoinDesk in a Twitter direct message that the attack was a “middleware exploit.” He added: “No funds lost as far as we know but we are still investigating.”
Gupta added that decentralized applications (dapps) that used the RPC endpoint are currently unavailable. Meanwhile, at writing time, Gupta noted that Web3 infrastructure platform Ankr had regained access to its RPC accounts.
The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
Learn more about Consensus 2023, CoinDesk’s longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.