Millions of digital assets have been stolen by cyber adversaries via DNS hijacking attacks, which are used for phishing, for targeting users’ wallet seed phrases, or for creating deceptive webpages that closely resemble legitimate sites.
The Domain Name System (DNS) plays a crucial role in the internet’s infrastructure, and attacks on it provide insights into Web2 security incidents that have directly affected the Web3 industry. However, transitioning to decentralized frontends has emerged as a practical way to tackle these challenges, according to a recent report by CertiK.
DNS Hijacking of DeFi Protocols
DNS hijacking is an attack that targets a core component of Internet infrastructure. In some scenarios it can render a public DNS service inaccessible; in others it can be used to reroute users to malicious websites.
Typically, the attacker manipulates the DNS by substituting the mapping (DomainName, Legitimate IP) with (DomainName, MaliciousServer IP). This tampering enables them to intercept future users’ DNS queries, directing them to fraudulent websites without the users’ awareness, CertiK explained.
Users inadvertently access these deceitful sites via the compromised servers, exposing themselves to potential phishing attacks and the downloading of malware that can compromise their devices.
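The mapping substitution described above can be detected by comparing what resolvers return against a known-good baseline for the frontend's domain. The following is an added example, not code from the CertiK report or this article; the domain names, resolver labels and IP addresses are constructed (documentation ranges), and `check_answers` is a hypothetical helper.

```python
import ipaddress
from collections import defaultdict

# Constructed baseline: networks the frontend is expected to resolve into.
BASELINE = {
    "app.defi.example": ["192.0.2.0/24"],
}

# Constructed observations: (resolver label, domain, A-record answer).
OBSERVATIONS = [
    ("resolver-a", "app.defi.example", "192.0.2.10"),
    ("resolver-b", "app.defi.example", "192.0.2.11"),
    ("resolver-c", "app.defi.example", "203.0.113.66"),
    ("resolver-a", "docs.defi.example", "198.51.100.5"),
]


def check_answers(baseline, observations):
    """Return (findings, partial) for answers that leave the expected mapping.

    findings: (domain, resolver, ip, reason) tuples, in observation order.
    partial:  domains where only some resolvers returned an unexpected IP.
    """
    findings = []
    seen = defaultdict(set)
    for resolver, domain, ip in observations:
        nets = baseline.get(domain)
        if nets is None:
            # A monitored name with no baseline cannot be judged; surface it.
            findings.append((domain, resolver, ip, "no-baseline"))
            continue
        addr = ipaddress.ip_address(ip)
        inside = any(addr in ipaddress.ip_network(n) for n in nets)
        seen[domain].add(inside)
        if not inside:
            findings.append((domain, resolver, ip, "outside-baseline"))
    # Mixed results mean only some resolvers serve the altered record,
    # for example a change that is still propagating or a poisoned cache.
    partial = sorted(d for d, s in seen.items() if s == {True, False})
    return findings, partial


if __name__ == "__main__":
    found, partial = check_answers(BASELINE, OBSERVATIONS)
    for item in found:
        print("ALERT", *item)
    print("resolvers disagree for:", partial)
```

An "outside-baseline" result is a signal to investigate the registrar and DNS provider accounts, since a legitimate hosting migration produces the same alert until the baseline is updated.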
CreamFinance and PancakeSwap reported DNS hijacking attacks in 2021. The following year, two public RPC gateways offered by Ankr for Polygon and Fantom wallets were compromised via a DNS hijacking attack. During the same period, Cronos-based DEX MM.Finance, Curve Finance, Celer Protocol, Fantom-based SpiritSwap, and Polygon-based QuickSwap also reported frontend breaches as a result of a DNS hijack attack.
These incidents essentially highlighted the significant impact of vulnerabilities in Web2 on the Web3 ecosystem due to the interconnected
Author: Chayanika Deka