Hackers took control of access to sites on blockchain platform Waves and decentralized exchange Waves and DEX was able to make changes to them. Currently, control of the domain returned to the developers. This writes CoinDesk, citing a statement by CEO of platform Alexander Ivanov.
https://t.co/Yt4joBEtVZ website is back online. We had an unpleasant accident with DNS hijacking, fortunately it was resolved fairly quickly. No financial damage to user wallets occurred. Another reminder that cenralized current DNS system needs a major overhaul.
— sasha ivanov (@sasha35625) 24 Jul 2018
Phishing attack happened on July 24. According to Ivanov, the hackers forged his passport, which provided support domain company to change the password. However, due to the fact that exchange does not store customer funds, to transfer assets to attackers failed.
“To protect against such attacks, all members of kriptonyte should work on a decentralized domain name system”, — said Alexander Ivanov.
In turn, some experts have criticized the practice Waves, under which customers have to enter seed phrase to use the wallet platform.
We will add that following the independent audit of the company Kudelski Security in 2017, the Waves developers have fixed critical points about password storage from user wallets.
ForkLog previously reported that the client application Waves is officially out of development stage with key update for exchange Waves DEX. In particular, the developers have stated that the improved infrastructure has helped to improve the stability of operation of the exchange.
Source
