Mutit Gupta, Chief Information Security Officer at Polygon, announced on Friday that Ankr, the node infrastructure provider for its network, was hit by the Domain Name System (DNS) attack.
The attacker was able to hijack the RPCs of two crypto-related platforms, Polygon and Fantom. According to the information available, hackers may be trying to trick users into providing information about wallet seed phrases.
RPC is a type of software communication tool used to transfer data between networks.
Ankr revealed that he was working on an issue raised by a community member and advised him to use another RPC in place of the compromised RPC.
With an update of a tweet from Ankr co-founder Chandler Song, the hack was ” @gandibar Change the customer’s email address without approval. “
Gandibar is a popular domain name registrar.
Sandeep, co-founder of Polygon, confirmed that your funds were safe and advised you to use another RPC provider such as Infura.
Polygon attacker requests seed phrase
Available details indicate that the compromised RPC user received an error message instructing them to transfer funds immediately to another platform with the following address: polygonapp:[.]Net.
This will take you to a completely different page requesting a seed phrase.
Malicious players are constantly devising new ways and plans for deceiving unsuspecting individuals. Earlier today, the US Department of Justice charged six individuals with their role in various crypto crimes.
Other crypto projects were similarly attacked
In particular, a similar DNS attack occurred on June 24th, hijacking several DeFi projects. Some of the projects affected here were Convex Finance, Ribbon Finance, Allbridge, and DeFisaver.
According to the information available about the attack, all affected projects used Namecheap as their domain registrar.
According to a tweet from Namecheap CEO Richard Kirkendall, the attack was due to “a specific CS agent that was hacked or compromised,” but the company “removes all access from this agent.”