Back in late June, news of an interesting DNS hijack attack came out of the midst of the hot DEFI market, which highlighted the dangers of treating domain names and DNS as a utility, especially when operating in the crypto market. I mean $100’s of thousands in fake smart contract losses dangerous. Specifically, there were reports by a few providers such as Convex ... View Post
articles
Protecting your DNS and Domains from Attack
“Unprecedented Times” is common nomenclature these days and used to justify radical and previously unthinkable societal changes on an almost daily basis. This has rocked our ability to feel secure and stable, resulting in feelings of great uncertainty that touches each one of us. Including every one of your employees and supplier’s employees. Therefore, it is ... View Post
How Perl.com could have avoided Hijacking
For a week we lost control of the Perl.com domain. Now that the incident has died down, we can explain some of what happened and how we handled it. This incident only affected the domain ownership of Perl.com and there was no other compromise of community resources. This website was still there, but DNS was handing out different IP numbers. An interesting article was ... View Post
Ledger users lose 1.1M XRP via homoglyph attack
Many crypto-currency holders use Ledger hardware wallets to store their bitcoin off the exchanges. This is actually the safer way to play it, except when you fall prey to a phishing campaign to lure you to a fake site to update your firmware that instead, drains your wallet. Unfortunately even when employing a hardware wallet, you still have be on your guard ... View Post
How Cybercriminals Profit by Tapping Your Email
A few days ago I came across the CBC story on how a Canadian man had been defrauded out of $800,000 when cybercriminals inserted themselves into a real estate deal and had the funds diverted to themselves: ... View Post
Why You Must Learn to Love DNSSEC
(This is a reprint of an article originally run on our parent company's blog in June 2018). It’s been nearly two months since the high profile BGP hijack attack against MyEtherwallet, where crypto thieves used BGP leaks to hijack MEW’s name servers, which were on Amazon’s Route53, and inserted their own fake name servers which directed victims to ... View Post