The Register writes that the Linksys developers are resetting the passwords from Linksys Smart Wi-Fi,…
Also, the administration of Cream Finance and PancakeSwap asked users not to enter seed phrases and private keys on cybercriminals’ phishing sites in order to avoid problems.
“Our DNS has been compromised by a third party; some users are seeing requests for seed phrase on http://app.cream.finance. DO NOT enter your seed phrase. We will never ask you to submit any private key or seed phrases. This is unfortunately also happening at @PancakeSwap – be careful out there and do not share your private keys nor seed phrase on any websites or chats”, – Cream Finance on Twitter representatives write on Twitter.
According to information security specialists, the same attacker is clearly behind these attacks, since the DNS records for both sites were changed at an interval of one minute.
How exactly the attackers managed to spoof DNS records for both sites is not yet clear, but as noted by MalwareHunterTeam, both companies managed their DNS records through the hosting company GoDaddy.
“Both CreamdotFinance and PancakeSwap have their domains registered by GoDaddy. So, if someone somehow not phished both companies’ people at the same time, it’s again time to say thanks to GoDaddy”, — MalwareHunterTeam writes.
While the attackers could theoretically compromise the hosting accounts of both companies, it is also possible that a GoDaddy employee was attacked. The fact is that this will not be the first incident of this kind: in March and November of last year, GoDaddy employees have already become victims of phishers.
Then the attackers infiltrated the system and changed the DNS for a number of resources related to cryptocurrency and hosting, including Escrow.com, Liquid.com, NiceHash.com, Bibox.com, Celsius.network, and Wirex.app.
Currently, representatives of Cream Finance and PancakeSwap report that they have almost regained control of the domains, and that it is safe for most users to visit the sites.
We also talked about how Microsoft gained control over six domains of “Coronavirus” scammers.
News-bpudepi.today is a domain that tries to trick you into subscribing to its browser notifications…
Doguhtam.xyz is a site that tries to trick you into subscribing to its browser notifications…
News-xlixoti.com is a site that tries to force you into subscribing to its browser notifications…
Ducesousightion.com is a domain that tries to trick you into clik to its browser notifications…
News-xlabica.live is a domain that tries to trick you into clik to its browser notifications…
Mergechain.co.in is a site that tries to trick you into subscribing to its browser notifications…