Originally published on: September 25, 2024
Ether.fi, a leading decentralized finance (DeFi) staking protocol, recently thwarted a domain account takeover attack, ensuring the safety of user funds.
The attempted breach, which took place on Sept. 24, involved the domain registrar Gandi.net but was quickly intercepted by the diligent internal team at Ether.fi. Fortunately, no significant harm was caused during the attack.
The Ether.fi security measures, including “SPF, DKIM, and DMARC authentication records,” played a crucial role in identifying and preventing the attacker from presenting any malicious decentralized application (DApp) on Ether.fi-related domains.
The protocol took immediate action upon receiving a recovery notification email from Gandi.net and locked down its account by 7:30 pm UTC on the same day, protecting it from further tampering.
Prior to the incident, Ether.fi had already upgraded its security protocols to require hardware authentication for account recovery and management, anticipating similar attack vectors seen across other platforms.
Acknowledging the swift response from security partners like Seal911, Doppel, Ethena, and Distrust, Ether.fi assured its users through social media platforms that all funds were secure and that no malicious DApps were deployed on its domains.
Moving forward, Ether.fi emphasized that official communications would only be made through specific platforms like X or Discord, urging users not to interact with any links or emails to prevent potential security threats.
In conclusion, Ether.fi’s proactive security measures and rapid response demonstrate its commitment to safeguarding user funds and maintaining a secure DeFi ecosystem for its community.
