Ankr, a provider of blockchain infrastructure, announced on Friday that hackers were targeting some of the services it offered to Polygon and Fantom. Ankr reported that they are looking into their Polygon and Fantom Foundation Remote Procedure Calls on their Twitter account (RPC). They also offered temporary replacement RPCs. RPCs are a type of software communication tool used to transfer data between networks.
The chief information security officer at 0xPolygon, Mudit Gupta, revealed on Twitter that a DNS hijack has compromised Ankr’s RPC gateway for Polygon (polygon-rpc.com) and Fantom (rpc.ftm.tools). He further said that his business has no control over the services rendered by third parties.
Users Urged Not to Use The Network
Additionally, Fantom has urged its users not to make use of the hacked RPC. Gupta acknowledged working with Ankr and advised using Alchemy RPCs up until the problem is fixed. He also emphasized that Polygon is developing its own RPC in order to increase reliability.
The Polygon and Fantom networks are not available on Ambire Wallet’s wallets, it was disclosed. Users have also been urged by QuickSwap DEX to avoid using the compromised networks until additional details are available.
An error message urging users to transfer their payments to polygonapp[.]net is displayed to users of the hacked RPC. The fraud redirects customers to another page where they can enter their seed.
It’s unknown how much harm the attack caused. However, a long list of security flaws that Web3 companies must fix has recently been expanded to include a new attack vector that targets RPC endpoints.
The attack also follows a number of significant cryptocurrency attacks that occurred in July. The greatest target last month was Harmony, a decentralized exchange, when $100 million in platform funds were taken.
Bored Ape and Otherside NFT projects’ Discords were hijacked, while an exploit cost the Ethereum-based DeFi platform Inverse Finance $1.2 million.