Renowned decentralized finance staking protocol, Ether.fi has revealed that no users’ funds were lost during a recent attack. The DeFi platform on Tuesday took to their X page to discuss how an attacker allegedly attempted to take over their domain account takeover.
As revealed, on Monday, the hacker tried to hijack the domain through its registrar, Gandi.net. However, the Ether.fi team swiftly noticed the attack and neutralized it before the hacker could make any damage.
Additionally, the core team indicated that due to its fast action, the bad actor couldn’t deploy any malicious decentralized application to all domains related to Ether.fi. While illustrating how the attack unfolded, the project confirmed that the hacker initiated the breach on Monday when it received a recovery notification mail from Gandi.net around 4:38 pm UTC.
It is worth mentioning that the attempt to breach the domain of Ether.fi surfaced shortly after the DeFi protocol signed a $600 million deal with Omni network. Recall that in March, Ether.fi invested $600 million in Omni to support the network in securing its mainnet and testnet.
During that period, Ether.fi became the world’s largest liquid restaking protocol with a total value locked of $1.88 billion. Now, according to DefiLlama, the protocol has a TVL of $6.29 billion.
How Ether.fi Managed to Mitigate the Attack
According to the protocol, the attacker attempted to use the legitimate Gandi recovery flow to access its account on the site. In response, Ether.fi immediately reached out to Gandi across various platforms which led to the shutdown of the firm’s account to avoid damages.
Meanwhile, before the attack, Ether.fi completed some security upgrades due to the growing attack on crypto projects. Some weeks back in an official Gitbook post, the DeFi protocol highlighted the increase in the security breach of similar projects across numerous platforms.
Hence, as part of its safety-first approach, the protocol upgraded some crucial platforms required for hardware authentication for account management and recovery processes. Similarly, in the post, Ether.fi discussed how the security upgrades proved useful in mitigating the attack.
Further, the DeFi protocol went on to urge its users to avoid clicking on any links or interacting with the domain. Also, Ether.fi added that it will only communicate with community members through its X or Discord page.
The firm emphasized that it will never attempt to initiate a conversation with any community member through email. Lastly, Ether.fi expressed gratitude to its security partners like Seal911, Doppel, Ethena, and Distrust, for offering fast assistance during the attack.
Read More: