Polygon, Fantom Users Targeted in Ankr Gateway Hack

Share this text

The hack produced a popup window that inspired Polygon and Fantom customers to enter their pockets seed phrase. 

Hackers Compromise Gateways to Polygon, Fantom

Two Ankr RPC gateways for accessing Polygon and Fantom have been compromised. 

Hackers exploited a vulnerability to assault the node infrastructure’s gateways to Polygon and Fantom Friday. Customers who had accessed the Layer 1 networks through Ankr’s endpoints have been offered with a popup window that attempted to trick them into coming into their pockets seed phrase. “Funds are in danger,” the malicious be aware learn, accompanied by a hyperlink to an internet site prompting customers to enter their seed phrase. By gathering seed phrases, the hackers might acquire entry to their targets’ wallets to steal their funds. 

Ankr supplies entry to Proof-of-Stake blockchains by providing node endpoints, staking providers, and different merchandise. It’s thought of an important pillar of Web3 infrastructure alongside different related initiatives like Alchemy and Infura. Nonetheless, like most different node operators, it’s a centralized entity owned by an organization fairly than a DAO.

The pseudonymous safety researcher CIA Officer alerted customers to the hack on Twitter Friday, earlier than Polygon’s chief info safety officer Mudit Gupta put out a message urging customers to make use of Alchemy or an alternate node supplier till the bug is mounted. Gupta then added that Polygon would “work intently with Ankr to make sure this doesn’t occur once more” and teased plans of a decentralized RPC gateway venture. Ankr additionally confirmed the assault on Twitter, saying it was “investigating some reported points.” 

The complete scale of the exploit is at the moment unknown, and Ankr is but to put up a full report. Within the meantime, the group has directed Polygon and Fantom customers to 2 various RPC endpoints.

This story is creating and shall be up to date as additional particulars emerge. 

Disclosure: On the time of writing, the writer of this piece owned ETH, MATIC, FTM, and a number of other different cryptocurrencies. 

Share this text

Share:

Leave a Reply

Your email address will not be published.

GIPHY App Key not set. Please check settings