1 year ago
Before it was taken down, Ordswap users said the compromised website directed users to a phishing link.
Ordswap, a marketplace that allows users to inscribe, auction, and commercialized Bitcoin Ordinals, has devised a method for users to retrieve their backstage keys arsenic it scrambles to regain power of its website domain.
In an Oct. 10 X (Twitter) post, the Ordswap X relationship shared an online instrumentality that purports to assistance users who logged into the tract done MetaMask to retrieve their Ordswap backstage keys, allowing them to determination to different providers.
Source for metamask users to get cardinal is present disposable below. You are capable to import(hex) to Unisat. https://t.co/oETb7h7sA0 https://t.co/NGaaLiNNwW
— Ordswap (@ordswap) October 10, 2023Hours earlier, connected Oct. 9, Ordswap posted a stark informing to users not to link to its domain arsenic it was not successful power of it. It pinned the contented connected Netlify — a website improvement and hosting firm.
We are moving connected publishing root for metamask users to get their cardinal if they person not already. The contented appears to beryllium with Netlify, but we are inactive moving done it. https://t.co/uYGxJkzGfj
— Ordswap (@ordswap) October 9, 2023On the project’s Discord server, a subordinate of Ordswap’s squad and users reported that for a time, the website featured a fastener prompting users to link their crypto wallet successful an evident effort to phish users.
One X idiosyncratic reported the fastener was a wallet drainer — an increasingly fashionable tool deployed by crypto scammers. At the clip of writing, Ordswap’s website automatically redirected to a competing marketplace RelayX.
An Ordswap squad subordinate connected Discord claimed the task had not seen an interaction connected idiosyncratic backstage keys oregon assets owed to the breach but added users could beryllium compromised if they interacted with the site.
Ordswap enactment squad subordinate “Bitkorn” claims the task hasn’t seen idiosyncratic assets impacted by the wesbite breach. Source: DiscordRelated: FTX hacker could beryllium utilizing SBF proceedings arsenic a smokescreen: CertiK
In precocious September, the website for the Ethereum-based automated marketplace shaper Balancer was compromised successful a seemingly akin attack, with attackers making disconnected with around $240,000 worthy of funds.
Balancer aboriginal said it believed the exploiters undertook a societal engineering onslaught connected its DNS work supplier EuroDNS which allowed attackers to input a punctual to instrumentality users into approving a malicious declaration that drains their wallet.
Magazine: NFT Collector: Giant Swan’s gothic VR dreamscapes… royalty nightmare connected OpenSea
English (US) 