• Hundreds of DeFi protocols and dApps have been targeted by a domain registy attack, or DNS hijacking on July 11, as per Blockaid's twitter report.

• Several projects' DNS registries have been impacted, including getting control of Compound Finance's registy and failed attempt at Celer Network.

• Researchers noted that the Compound site started redirecting to a malicious token drainer app.

• Blockaid said that the target was domain names provided by Squarespace. This is following Squarespace's acquisition of Google Domains assets and the recent domain migration, making the hosting company attractive target.

• MetaMask was quick to respond too, saying that its users will see a warning on attempts to interact with the now malicious sites.

• Later, a DefiLlama developer posted a list of potentially affected domains. The list includes 100 domains, including dYdX, Polymarket, LooksRare, and others.

• Blockaid CEO Ido Ben-Natan said that around 228 DeFi protocol front ends are at risk, and that identified the association to Inferno Drainer kit across on-chain and off-chain infrastructure. But he noted that Blockaid is able to track the addresses and has been actively working on it.

• Unstoppable Domains founder Matthew Gould said that to offset DNS attack risks, his company's on-chain domain features are a valid solution, including the required signature verification before updates are allowed.

• DNS hijacking has become a rather popular attack technique in web3, considering the large exploitation of the Ledger Connect Library in December that affected almost the whole EVM ecosystem.

Read More

Market Update

News

SEC Ends Probe Into Paxos With No Actions On BUSD

The SEC has concluded its investigation into Paxos, the issuer of the Binance USD stablecoin, without taking any enforcement action. This decision comes after a year of scrutiny following a Wells notice that hinted at potential enforcement over Paxos' involvement with the dollar-backed BUSD. | Read More

Chainalysis Report Reveals $100 Billion in Illicit Crypto Since 2019

According to Chainalysis, crypto exchanges have received nearly $100 billion in crypto from illicit addresses since 2019. The year 2022 saw the highest influx, with $30 billion worth of illicit crypto being recorded. Chainalysis reports that 50% of illicit crypto funds are laundered through centralized exchanges. | Read More

Mastercard Integrates Account Opening API with Alchemy Pay

Mastercard and Alchemy Pay have joined forces to enhance the security and efficiency of digital payments. This partnership integrates Mastercard's account opening API with Alchemy Pay's services, aiming to streamline the registration process and bolster fraud detection. This is important for On & Off-ramp, NFT Checkout, and Crypto Card solutions. | Read More

Chainlink Data Feeds Are Live On Starknet

Chainlink Data Feeds have now been integrated into Starknet, a significant development for the DeFi community. This integration is part of the Chainlink SCALE program and aims to enhance the Starknet ecosystem by providing developers with scalable and secure data solutions. | Read More