External interfaces of Polygon and Fantom were attacked using DNS

Polygon’s cybersecurity specialist warned that two RPC gateways for Polygon and Fantom provided by Ankr have been hacked. At the same time, user funds were not affected.

Polygon Chief Information Security Officer Mudit Gupta reported on Twitter that on July 1, two remote procedure call (RPC) interfaces for the Polygon and Fantom blockchains experienced a Domain Name System (DNS) hijacking cyberattack.

“The public RPC gateway provided by Ankr for Polygon and Fantom was hacked today via DNS takeover. Use Alchemy or others until this is fixed,” Gupta warned.

RPC refers to a set of protocols that allow a client such as MetaMask to interact with the blockchain. DNS hijacking is a type of cyberattack in which attackers manipulate requests to redirect users to malicious sites.

Gupta specified that the attack was based on “exploitation of middleware.” Decentralized applications that used the RPC endpoint are not currently available. At the same time, the Web3 infrastructure platform Ankr has already regained access to its RPC accounts.

“To our knowledge, no funds have been lost, but we are still investigating,” Gupta said.

As a reminder, according to a recent report by BestBrokers, blockchains have begun to experience fewer hacks as the decentralized finance (DeFi) market has become a more favored target for hackers due to a large amount of venture capital money and security concerns.

So, last month, the decentralized financial lending service Inverse Finance was hacked for the second time in two months using an instant loan exploit. This time the hackers stole $1.2 million in BTC and USDT. In March, DeFi protocol Li Finance lost $600,000 of crypto assets due to a vulnerability in a smart contract.