Ordswap Fights Domain Breach; Warns Users while Aiding Private Key Recovery
Summary:
Ordswap, a Bitcoin Ordinals marketplace, is strategizing to help users retrieve their private keys after losing control of its website domain. The issue, pinned on web host Netlify, prompted Ordswap to warn users against connecting to their site. The site, which reportedly featured a wallet-draining phishing instrument for a time, now redirects to competing platform RelayX. While an Ordswap representative claimed no user assets were impacted by the breach, they warned against interaction with the site.
Ordswap, the platform where Bitcoin Ordinals can be written, auctioned, and exchanged, has devised a strategy for users to recover their private keys while it fights to get back its website domain control. On October 10, Ordswap's Twitter handle revealed an online tool created to aid MetaMask users recover their Ordswap private keys enabling them to switch to other platforms.
Just the day before, on October 9, Ordswap issued an urgent warning to users against connecting to their website, as they didn't have control over it due to an issue with their website development and hosting company, Netlify.
Meanwhile, on Ordswap's Discord channel, a company representative and users signaled that for a period of time, the website featured a button which seemingly was trying to trick users into linking their crypto wallets. A user reported that this button was essentially a wallet drainer – a tool favored by crypto scammers. Currently, attempts to access Ordswap’s website redirect to a competing platform, RelayX.
Despite the breach, an Ordswap team member ensured on Discord that user private keys or assets have not been impacted, but warned users not to interact with the site.
This incident bears similarity to what happened late September when the Balancer, the Ethereum-based automated market maker, was attacked. The cybercriminals were able to decamp with approximately $240,000 worth of funds. Balancer believes that the attackers fooled its DNS service provider, EuroDNS, via a social engineering attack which enabled them to trick users into approving a malicious contract that would drain their wallet.
Published At
10/10/2023 5:39:08 AM
Disclaimer: Algoine does not endorse any content or product on this page. Readers should conduct their own research before taking any actions related to the asset, company, or any information in this article and assume full responsibility for their decisions. This article should not be considered as investment advice. Our news is prepared with AI support.
Do you suspect this content may be misleading, incomplete, or inappropriate in any way, requiring modification or removal?
We appreciate your report.