While the cryptocurrency market is still recovering and users are returning to old projects, a new danger has emerged from the very DeFi platforms that were once trusted: abandoned websites.
Websites that seem 'dead' may actually harbor the risk of wallet loss
A new scam tactic has been warned by the DeFi community: scammers are quietly buying up the domains of defunct DeFi projects and turning them into wallet theft traps. Unlike traditional scams like phishing or social engineering, this approach does not require hackers to actively lure victims – they just wait for old users to revisit familiar sites.
According to information from DeFiLlama's founder, 0xngmi, expired domains are being hijacked by bad actors. Users inadvertently revisit these sites and perform actions as before, unaware that the interface has been changed to trick them into signing transactions that withdraw all funds from their wallets.
Notably, a member of the Maker/Sky community discovered that the official domain of the Maker DAO subsidiary project – Sakura – is currently priced at... just one cent. This shows that anyone can seize control of domains that once belonged to famous projects if the original team has departed.
Understanding 'front-end attack' – a tactic targeting user habits
Most users today interact through the front-end – the visual interface of the website that helps them sign transactions via wallets like MetaMask. This interface does not interfere with the smart contract but can 'guide' user actions.
Front-end attacks typically take three main forms:
Domain hijacking (DNS hijack): Attacks on DNS providers to change the official website.
Cloning and scams: Creating near-identical copies of websites and disseminating them via X (Twitter) or Google with fake links.
Revamping abandoned interfaces: Like a new tactic – leveraging forgotten websites, modifying the interface to insert withdrawal transactions.
Even scarier, these websites may no longer have a maintenance team, leading to no one detecting or warning users. Once you revisit bookmarked links, the risk of losing all assets is very high if transactions are not carefully checked.
Threats in DeFi are not limited to interfaces
Front-end attacks are just the 'tip of the iceberg'. In the DeFi world, users also face many greater risks:
Exploited smart contract: Just this week, KiloEx exchange lost $7.5 million due to a flaw in the price oracle system. This type of attack targets the core of the platform.
Multisig compromised: Recently, $5 million in ZK tokens from an airdrop were stolen due to a 1-of-1 multisig wallet being exposed.
Internal risks from the development team: Some projects have witnessed teams withdrawing liquidity, selling tokens off OTC, or even being exploited by malicious members withdrawing funds through backdoors. The latest example is The Roar project, which lost $780,000.
Lessons learned for the crypto community
This event serves as a strong warning to all users operating in the DeFi space. Even if a project may have ceased operations, returning to an old website without careful checking can still lead to serious losses.
To minimize risks, users should:
Always check transactions carefully and do not revisit old sites that are no longer officially maintained.
Avoid signing transactions if you are not 100% sure of the transaction content.
Use wallets that have detailed transaction preview features like Rabby or other advanced wallets.
Prioritize direct interaction with smart contracts through block explorers like Etherscan if you have technical experience.
Connecting with the crypto market and Binance users
With the growth of DeFi, new types of risks like this can directly impact user trust, especially those who have interacted with decentralized platforms. Users on Binance – who are familiar with integrated DeFi products like Liquid Swap, Earn, or Web3 Wallet – also need to enhance their security awareness when transitioning to use interfaces outside of the Binance ecosystem.
This is a crucial time for major exchanges like Binance to continue investing in risk alert tools, secure Web3 wallets, and support users in checking transactions before signing. For new users, focusing on vetted platforms with clear security support is a safer step during this rapidly evolving yet volatile phase of DeFi.
Risk warning: Investing in cryptocurrencies and DeFi products carries many risks. Always research thoroughly, protect your personal wallet, and only interact with trusted platforms. Crypto is not suitable for everyone, and the loss of capital is entirely possible.