News
Market
Knowledge
Reviews
Recommended
Upcoming Event
Coin
Glossary
Convert
Newsletter

Sign up for Newsletter
Signup for our newsletter to get notified about sales and new products. Add any text here or remove it.
Error: Contact form not found.

SpiritSwap’s domain identity was stolen and the supply code transformed

May 15, 2022 - Around 2 mins mins to read

On the morning of May 14, many projects in the cryptocurrency market were constantly attacked with vulnerabilities mainly revolving around domain name and UI issues. The newest name on this list is SpiritSwap – the top AMM on the Fantom (FTM) ecosystem.

SpiritSwap’s domain identity was stolen and the supply code transformed — SpiritSwap domain identity was stolen

On its Twitter page, SpiritSwap explained the recent incident related to vulnerabilities from GoDaddy.

1/
Update:

Initially we thought the issue may have been with AWS, however after further diagnosis, we have identified that the hacker has managed to exploit Godaddy, essentially they have hijacked our domain and copied our codebase and in the process changed the swap parameters
— SpiritSwap (@Spirit_Swap) May 13, 2022

Also, according to SpiritSwap, this is not a problem related to the code of the smart contract. Instead, these are purely UI issues.

This DEX exchange also warns users not to interact with spiritswap.finance for the time being before the latest updates from the project are available.

UPDATE

Our current game plan is as follows.

1. Wait for Godaddy to take current domain down
2. Redeploy site on new domain (if we can not regain control of original domain)
3. Reenable router swaps
4. Conduct post analysis and update the game plan after we have full details
— SpiritSwap (@Spirit_Swap) May 13, 2022

This is not the initial incident involving the product or service interface in the cryptocurrency sector. QuickSwap – AMM on the Polygon (MATIC) ecosystem also has a similar problem when the domain name of this project has also been stolen.

⚠️DO NOT SWAP⚠️

Similar to other protocols hosted on @GoDaddy, QuickSwap has been domain hijacked

Funds in LPs, the Dragon's Lair, Syrup Pools, & YOUR wallets are safe

Only swaps have been affected. Please DO NOT SWAP

We are working to resolve the problem & will update ASAP
— QuickSwap ⚖️ Up to 50x Leverage (@QuickswapDEX) May 14, 2022

Also, on Saturday morning, in turn, Coingecko, DexTool, and even Etherscan were attacked by phishing attacks, tricking users into connecting wallets to strange contracts, thereby profiting from withdrawing money from hackers.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News

Scam Alert

SpiritSwap’s domain identity was stolen and the supply code transformed

On the morning of May 14, many projects in the cryptocurrency market were constantly attacked with vulnerabilities mainly revolving around domain name and UI issues. The newest name on this list is SpiritSwap – the top AMM on the Fantom (FTM) ecosystem.

SpiritSwap’s domain identity was stolen and the supply code transformed — SpiritSwap domain identity was stolen

On its Twitter page, SpiritSwap explained the recent incident related to vulnerabilities from GoDaddy.

1/
Update:

Initially we thought the issue may have been with AWS, however after further diagnosis, we have identified that the hacker has managed to exploit Godaddy, essentially they have hijacked our domain and copied our codebase and in the process changed the swap parameters
— SpiritSwap (@Spirit_Swap) May 13, 2022

Also, according to SpiritSwap, this is not a problem related to the code of the smart contract. Instead, these are purely UI issues.

This DEX exchange also warns users not to interact with spiritswap.finance for the time being before the latest updates from the project are available.

UPDATE

Our current game plan is as follows.

1. Wait for Godaddy to take current domain down
2. Redeploy site on new domain (if we can not regain control of original domain)
3. Reenable router swaps
4. Conduct post analysis and update the game plan after we have full details
— SpiritSwap (@Spirit_Swap) May 13, 2022

This is not the initial incident involving the product or service interface in the cryptocurrency sector. QuickSwap – AMM on the Polygon (MATIC) ecosystem also has a similar problem when the domain name of this project has also been stolen.

⚠️DO NOT SWAP⚠️

Similar to other protocols hosted on @GoDaddy, QuickSwap has been domain hijacked

Funds in LPs, the Dragon's Lair, Syrup Pools, & YOUR wallets are safe

Only swaps have been affected. Please DO NOT SWAP

We are working to resolve the problem & will update ASAP
— QuickSwap ⚖️ Up to 50x Leverage (@QuickswapDEX) May 14, 2022

Also, on Saturday morning, in turn, Coingecko, DexTool, and even Etherscan were attacked by phishing attacks, tricking users into connecting wallets to strange contracts, thereby profiting from withdrawing money from hackers.

DISCLAIMER: The Information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Join CoinCu Telegram to keep track of news: https://t.me/coincunews

Follow CoinCu Youtube Channel | Follow CoinCu Facebook page

Harold

CoinCu News

Visited 54 times, 3 visit(s) today