On July 29th, the liquidity staking protocol Kelp DAO reviewed the previous security incident: At 22:30 on July 22nd, Kelp's dApp began to display malicious wallet activity transactions, attempting to steal user funds. The Kelp team responded immediately, locking down the nameservers, restoring ownership access, and resolving the issue.
The attacker managed to convince GoDaddy's customer support to bypass 2-FA by impersonating the Kelp team. The Kelp team is taking precautions, including moving to another domain registrar and reinforcing alerts for abnormal UI behavior, among others. A small number of users have reported losing funds due to UI attacks, and the Kelp team is providing support.
Kelp DAO security incident analysis: Attackers bypass 2-FA verification by impersonating the Kelp team to convince GoDaddy's customer support
2024-07-29 08:25:52
Disclaimer:
1. The information provided does not constitute investment advice. Investors should make independent decisions and bear all risks themselves.
2. The copyright of this content belongs to the original author. The views expressed herein are solely those of the author and do not represent the stance or position of this website.
Previous article:
6只香港虚拟资产ETF今日成交额为2280.58万港元
