DeFi Exchange Defeats DNS Attack: Ambient Finance Recovers Domain

Cyber-attack Domain Name System Attack
Ambient Finance has successfully recovered its domain after a DNS attack compromised its website, assuring users that their smart contracts and funds remained safe throughout the incident.
Last updated:
Journalist
Journalist
Hassan Shittu
About Author

Hassan, a Cryptonews.com journalist with 6+ years of experience in Web3 journalism, brings deep knowledge across Crypto, Web3 Gaming, NFTs, and Play-to-Earn sectors. His work has appeared in...

Last updated:
Why Trust Cryptonews
Cryptonews has covered the cryptocurrency industry topics since 2017, aiming to provide informative insights to our readers. Our journalists and analysts have extensive experience in market analysis and blockchain technologies. We strive to maintain high editorial standards, focusing on factual accuracy and balanced reporting across all areas - from cryptocurrencies and blockchain projects to industry events, products, and technological developments. Our ongoing presence in the industry reflects our commitment to delivering relevant information in the evolving world of digital assets. Read more about Cryptonews
Ad DisclosureWe believe in full transparency with our readers. Some of our content includes affiliate links, and we may earn a commission through these partnerships.

In a critical cybersecurity breach on October 17, 2024, Ambient Finance, a decentralized finance (DeFi) platform, was targeted by a domain name system (DNS) attack that compromised its website.

Hackers gained control of the platform’s domain, inserting malicious links to steal assets. However, Ambient Finance has regained control of its domain, assuring users that their smart contracts and funds remained safe throughout the incident.

Ambient Finance was founded in 2021 and operates a decentralized exchange (DEX). Last year, it raised $6 million in a seed round with backing from major investors such as Blocktower and Circle Ventures.

Ambient Finance DNS Attack: How Badly Was the Exchange Affected?

The attack began when hackers breached Ambient Finance’s DNS, redirecting users to malicious links to steal their assets.

The team quickly responded by alerting users on social media platform X, urging them not to interact with the site, connect their wallets, or sign any transactions.

The team tweeted on X:

“The Ambient Finance website domain has been hijacked and compromised. The issue is isolated to the frontend website; contracts and funds are safe.”

They clarified that users should wait for further updates before returning to the platform.

DNS attacks like this target a platform’s domain registrar credentials, giving hackers control over the website interface.

This attack typically focuses on the platform’s front end, as the backend smart contracts — the heart of decentralized systems — remain unaffected.

In Ambient Finance’s case, the team quickly reassured users that while the website had been compromised, the integrity of their smart contracts and on-chain infrastructure was not jeopardized.

Two hours after the attack was first reported, Ambient Finance updated users, confirming they had recovered the domain.

However, due to DNS propagation delays, the team recommended that users only interact with the site once the domain updates were fully completed.

The malware used in the attack, identified as Inferno Drainer, is notorious for its ability to steal digital assets.

Cybersecurity firm Blockaid analyzed the attack and revealed that the server used to orchestrate the hack was set up just 24 hours before the breach occurred.

Despite the attack’s speed, Ambient Finance regained control of its domain relatively quickly.

Growing Threat of Cyber Attacks in DeFi

DNS-based attacks have become more prevalent in recent months, and other prominent DeFi platforms like Ethena Labs have also experienced similar breaches just this year.

These attacks typically exploit vulnerabilities in a platform’s web infrastructure, particularly its domain registration, and aim to trick users into revealing sensitive information or signing malicious transactions.

In Ambient Finance’s case, the quick recovery of its domain likely prevented more extensive damage.

While smart contracts and on-chain infrastructure often remain secure, front-end vulnerabilities like DNS attacks can still pose significant user risks.

In September, the automated market maker Balancer suffered a front-end exploit following a social engineering attack, and several other platforms have been similarly compromised in recent months.

According to a recent report by Immunefi, crypto hacks and scams in the third quarter of 2024 amounted to $413 million in losses, a significant decline from the $686 million lost during the same period in 2023.

The report shows that while the overall number of attacks may have decreased, the threat to DeFi platforms remains substantial.

As of the latest attack in Defi space, Radiant Capital, a Binance-backed cross-chain lending protocol, was hacked on Wednesday, October 17, resulting in over $50 million in stolen assets.

More Articles

Bitcoin News
Alabama Man Eric Council, Jr. Arrested For SEC SIM Swap Attack
Julia Smith
Julia Smith
2024-10-17 21:10:24
Altcoin News
Instagram of Dogecoin Mascot Kabosu Hacked to Promote Rug Pull
Harvey Hunter
Harvey Hunter
2024-10-17 15:30:08
Crypto News in numbers
editors
Authors List + 66 More
2M+
Active Monthly Users Around the World
250+
Guides and Reviews Articles
8
Years on the Market
70
International Team Authors