Around midday on 15th March 2021, the crypto feed appeared to be dominated by a suspected hack of Pancake Swap's website, with its official Twitter handle tweeting at the time about a suspected DNS (Domain Name System) hijacking which appeared to affect both cream.finance and pancakeswap.finance.
The worry of the Pancake Swap team very quickly turned out to be true, with the DNS registry getting updated, essentially meaning that an attacker had managed to change which server IP the domain was pointing to. As a result, when visiting the site as a user, we faced a cloned version of the site with an extra malicious prompt attempting to make the user enter their seed phrase or private keys, which were sent over to a hostile server so the wallets could be drained of funds.
Within about 2 hours the Pancake Swap team managed to regain access to the DNS, updating the records to point back to their own servers. In a tweet, however, they noted that because of DNS propagation the hijack could still be affecting users in some regions, and stressed the importance of never entering a private key or seed phrase on the site.
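To make the propagation point concrete, here is an added example (not code from Pancake Swap or from the original post) of how a team could check resolver answers against a pinned set of its own server addresses. The resolver names, IP addresses, TTLs and timings are constructed sample data, and the verdict labels are my own.

```python
from dataclasses import dataclass

# Constructed sample data: documentation-range IPs, hypothetical resolver names.
PINNED_A = frozenset({"192.0.2.10", "192.0.2.11"})  # addresses the team operates

@dataclass(frozen=True)
class Observation:
    resolver: str         # recursive resolver / region that answered
    answers: frozenset    # A records it returned
    ttl: int              # remaining TTL (seconds) on that answer
    seen_at: int          # query time, seconds since monitoring started

def assess(pinned, observations):
    """Compare each resolver's answer with the pinned set.

    Returns (verdict, per-resolver report, rogue_expiry). rogue_expiry is the
    latest time a cached unpinned answer should age out, assuming resolvers
    honour the TTL; it only becomes an all-clear estimate after the
    authoritative records are restored.
    """
    report, rogue_expiry = {}, 0
    for ob in observations:
        unknown = ob.answers - pinned
        if not ob.answers:
            report[ob.resolver] = "no-answer"
        elif unknown:
            report[ob.resolver] = "unpinned:" + ",".join(sorted(unknown))
            rogue_expiry = max(rogue_expiry, ob.seen_at + ob.ttl)
        else:
            report[ob.resolver] = "ok"
    answered = [r for r, s in report.items() if s != "no-answer"]
    bad = [r for r in answered if report[r] != "ok"]
    if not answered:
        verdict = "no-data"     # never report "clean" without evidence
    elif not bad:
        verdict = "clean"
    elif len(bad) == len(answered):
        verdict = "hijacked"    # every answering resolver serves unpinned IPs
    else:
        verdict = "mixed"       # answers differ by resolver: a change is propagating
    return verdict, report, rogue_expiry

DURING = [Observation("resolver-eu", frozenset({"203.0.113.66"}), 3600, 0),
          Observation("resolver-us", frozenset({"203.0.113.66"}), 3600, 0)]
AFTER_FIX = [Observation("resolver-eu", PINNED_A, 300, 7200),
             Observation("resolver-us", frozenset({"203.0.113.66"}), 1500, 7200),
             Observation("resolver-apac", frozenset(), 0, 7200)]

if __name__ == "__main__":
    for label, obs in (("during", DURING), ("after fix", AFTER_FIX)):
        print(label, assess(PINNED_A, obs))
```

A "mixed" verdict after the records have been restored is the situation described above: some regions already see the real servers while others still hold the cached rogue answer until its TTL runs out.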
While there is no incident response with an analysis coming out just yet from either the Pancake Swap or Cream Finance teams, speculatively I believe there are chances that a social engineering attack could've been pulled off on its DNS registrar, which according to lookup.icann.org is GoDaddy; in fact, when looking them up, cream.finance and pancakeswap.finance both share the same registrar. Similar incidents of popular crypto domain takeovers have been reported in the past, which I posted about around November of 2020.
I personally took a very small position in CAKE at the time of the FUD and of Pancake Swap confirming they had regained access: although damage was done, with the information provided and researched at the time I felt the chances were that the damage was not substantial enough to affect the project in the long run.
The hope, and the bet taken, is on the professionalism of the Pancake Swap team and the fixes it is going to come out with. I personally would be encouraged to see the team announce and start working on decentralization of its interface, with Uniswap being a great example: it utilizes IPFS (InterPlanetary File System) gateways to make its interface (aka frontend) available more securely and in a more decentralized manner.
Uniswap can be taken as one of the good examples: it open-sources its interface on GitHub and hosts it on multiple IPFS gateways. Back in the middle of November 2020 I wrote an article, coincidentally at the time when Uniswap's primary site went down; it did, however, highlight that by no means were they unavailable. Many smart guys knew there were alternative gateways to access the site, or even downloaded the project and ran it from their local machine, which perhaps got them some quick gains while the average Joes waited until @Uniswap tweeted out instructions.
So far the Pancake Swap team has managed to reclaim most regions in terms of DNS propagation, which should finally put an end to users being presented with the scammy version, and has slightly alleviated the price drop by burning a few million $CAKE.
Originally posted on read.cash