Is Polygon Under Attack? Hackers Target Polygon and Fantom
Ankr, a provider of blockchain infrastructure, announced on Friday that hackers were targeting some of the services it offered to Polygon and Fantom. Ankr reported on its Twitter account that it is looking into its Polygon and Fantom Foundation Remote Procedure Calls (RPCs). It also offered temporary replacement RPCs. RPCs are a type of software communication tool used to transfer data between networks.
We are investigating some reported issues on our community @0xPolygon and @FantomFDN RPCs.
‼️For the time being, please use https://t.co/LcnNn1OIWH and https://t.co/LrPIztRL1y
— Ankr (@ankr) July 1, 2022
Mudit Gupta, the chief information security officer at 0xPolygon, revealed on Twitter that a DNS hijack had compromised Ankr’s RPC gateways for Polygon (polygon-rpc.com) and Fantom (rpc.ftm.tools). He added that the Polygon and Fantom foundations have no control over services provided by third parties.
Public RPC gateway provided by Ankr for Polygon (https://t.co/NEQW6sEUKe) and Fantom (https://t.co/apZkmh2ERA) were compromised via DNS hijack earlier today.
Polygon and Fantom foundation have no control over services provided by others.
Use Alchemy or others while this is fixed.
— Mudit Gupta (@Mudit__Gupta) July 1, 2022
Users Urged Not to Use The Network
Additionally, Fantom has urged its users not to make use of the hacked RPC. Gupta acknowledged working with Ankr and advised using Alchemy RPCs up until the problem is fixed. He also emphasized that Polygon is developing its own RPC in order to increase reliability.
It was also disclosed that the Polygon and Fantom networks are not available in Ambire Wallet’s wallets. QuickSwap DEX has likewise urged users to avoid the compromised networks until additional details are available.
Attention please, attack on @0xPolygon is ongoing right now!
Users see an RPC error asking users to urgently reset their seed on polygonapp net (looks like this is either DNS hijack or a form of a supply chain attack).
Just a scam popup to bring you to a page to put your seed. pic.twitter.com/fZxtlkKeDN
— CIA Officer (@officer_cia) July 1, 2022
Users of the hacked RPC are shown an error message urging them to transfer their payments to polygonapp[.]net. The scam redirects users to another page where they are prompted to enter their seed.
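A wallet or dapp front end can refuse to render server-supplied error text that carries this kind of lure. The JavaScript below is an added example, not code from Ankr, Polygon or any wallet named in this article; the function name, the keyword patterns and the sample responses are assumptions constructed for illustration.

```javascript
// Heuristic patterns: assumptions for this example, not an exhaustive list.
const LURE = /\b(seed|mnemonic|recovery phrase|private key)\b/i;
const LINK = /https?:\/\/|\b[a-z0-9-]+(?:\.|\[\.\])[a-z]{2,}\b/i;
const INVALID = 'RPC endpoint returned invalid data';

// Screen one raw JSON-RPC 2.0 response before the UI renders anything from it.
// Returns { reasons: string[], display: string|null } (display is null on success).
function screenRpcResponse(raw) {
  let res;
  try {
    res = JSON.parse(raw);
  } catch (e) {
    return { reasons: ['not-json'], display: INVALID };
  }
  if (res === null || typeof res !== 'object' || res.jsonrpc !== '2.0') {
    return { reasons: ['not-jsonrpc'], display: INVALID };
  }
  if (!('error' in res)) return { reasons: [], display: null };
  const err = res.error || {};
  // Server-controlled text: the message, plus data when it is a string.
  const text = [err.message, err.data].filter((v) => typeof v === 'string').join(' ');
  const reasons = [];
  if (LURE.test(text)) reasons.push('credential-lure');
  if (LINK.test(text)) reasons.push('link-in-error');
  const code = Number.isInteger(err.code) ? err.code : 'unknown';
  // Flagged text is never shown; the user gets a neutral notice instead.
  const display = reasons.length
    ? `RPC error (${code}). The endpoint's message was hidden as suspicious.`
    : `RPC error (${code}): ${text}`;
  return { reasons, display };
}

// Constructed sample responses (not captured from the incident).
const SAMPLES = {
  lure: JSON.stringify({ jsonrpc: '2.0', id: 1, error: { code: -32000,
    message: 'Wallet out of sync. Urgently reset your seed at reset.example' } }),
  defanged: JSON.stringify({ jsonrpc: '2.0', id: 2, error: { code: -32000,
    message: 'Action required', data: 'visit reset[.]example' } }),
  benign: JSON.stringify({ jsonrpc: '2.0', id: 3, error: { code: -32601,
    message: 'Method not found' } }),
  ok: JSON.stringify({ jsonrpc: '2.0', id: 4, result: '0x89' }),
  html: '<html>Service moved</html>',
};

for (const [name, raw] of Object.entries(SAMPLES)) {
  console.log(name, JSON.stringify(screenRpcResponse(raw)));
}
```

The patterns are deliberately strict: a node error has no legitimate reason to mention a seed or to point at a website, so any match suppresses the text rather than trying to judge it.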
It’s unknown how much harm the attack caused. However, the long list of security flaws that Web3 companies must fix has now been expanded to include a new attack vector that targets RPC endpoints.
The attack also follows a number of significant cryptocurrency attacks that occurred in July. The greatest target last month was Harmony, a decentralized exchange, from which $100 million in platform funds were taken.
Bored Ape and Otherside NFT projects’ Discords were hijacked, while an exploit cost the Ethereum-based DeFi platform Inverse Finance $1.2 million.