Altcoins Talks - Cryptocurrency Forum
Learning & News => News related to Crypto => Topic started by: ABCbits on July 12, 2024, 11:47:53 AM
-
Squarespace DNS Hack Exposes Hundreds of DeFi Projects to Drainer Attacks
The decentralized finance (DeFi) ecosystem was rocked today by a massive domain name system (DNS) hijacking incident that targeted multiple DeFi applications. The attack, traced back to a vulnerability in Squarespace’s domain registry, compromised numerous DeFi platforms, including Compound Finance and Pendle Finance.
Security researchers at Blockaid were the first to identify the attack when the Compound Finance website began redirecting users to a malicious site equipped with a drainer app designed to steal user funds... Read more here (https://www.blockhead.co/2024/07/12/squarespace-dns-hack-exposes-hundreds-of-defi-projects-to-drainer-attacks-2/).
This attack prove people's dependency towards centralized front end, when interacting with DeFi. Your opinion is greatly appreciated.
-
This attack prove people's dependency towards centralized front end, when interacting with DeFi. Your opinion is greatly appreciated.
I thought DeFi are only called decentralized finance but they are making use of central servers which make them to also be centralized. Although, not as centralized as how it is in traditional way but not decentralized as people think they are decentralized.
-
This attack prove people's dependency towards centralized front end, when interacting with DeFi. Your opinion is greatly appreciated.
I thought DeFi are only called decentralized finance but they are making use of central servers which make them to also be centralized. Although, not as centralized as how it is in traditional way but not decentralized as people think they are decentralized.
It is really messed up. "DeFi" cannot be called that if it is relying on a central domain name. Ethereum projects in particular have no excuse for this because Ethereum domain names exist in the form of ENS, and these are decentralized domain names that don't use any server or central registry.
It seems like the only project I have heard of that even comes close to "decentralized finance" is Tornado Cash.
-
I thought DeFi are only called decentralized finance but they are making use of central servers which make them to also be centralized. Although, not as centralized as how it is in traditional way but not decentralized as people think they are decentralized.
Defi has turned into a buzzword!
Centralized servers, centralized team behind it, centralized wallets that control the funds, they are one step away from real CEXs.
Also, pretty interesting, why do we need so many DeFi services when they are all supposed to do exactly the same thing? Because the way they attract users shows another step towards centralization, just as their pools show possible manipulation, and when I say possible,we all know it's happening every day!
-
Defi has turned into a buzzword!
~snip~
To me, this whole concept didn't make sense from the beginning, because as we can see, this whole "industry" is largely centralized from the beginning, and on the other hand, they are "sold" as decentralized projects. Every now and then I read about holes in protocols, vulnerabilities that cause millions of damages, and then again a series of news that glorifies DeFi as something that will change the world.
Maybe DeFi in combination with AI will be the real thing, something that everyone is waiting for, or maybe it already exists?
-
Defi has turned into a buzzword!
~snip~
To me, this whole concept didn't make sense from the beginning, because as we can see, this whole "industry" is largely centralized from the beginning, and on the other hand, they are "sold" as decentralized projects. Every now and then I read about holes in protocols, vulnerabilities that cause millions of damages, and then again a series of news that glorifies DeFi as something that will change the world.
DeFi is supposed to be decentralized - but ultimately this is impossible to achieve given that:
- Loans are made by a central entity to you, conventionally
- The money that you put inside a financial "instrument" is used by the owner of said instrument (e.g. a bank) to invest into more stuff
- They can all freeze your funds.
So yeah, DeFi has all of this, only more brittle and prone to security failures, as well as using a fancy buzzword called "blockchain". ???
Maybe DeFi in combination with AI will be the real thing, something that everyone is waiting for, or maybe it already exists?
No.
-
This attack prove people's dependency towards centralized front end, when interacting with DeFi. Your opinion is greatly appreciated.
I thought DeFi are only called decentralized finance but they are making use of central servers which make them to also be centralized. Although, not as centralized as how it is in traditional way but not decentralized as people think they are decentralized.
It's possible few of those DeFi provide way to interact with it without the centralized website, such as running node and it's DeFi application. Although the fact someone hack Squarespace DNS prove that many user prefer using centralized front end.
Maybe DeFi in combination with AI will be the real thing, something that everyone is waiting for, or maybe it already exists?
There are few project which combine those. But i expect it's another cashgrab which use many buzzword.
-
Maybe DeFi in combination with AI will be the real thing, something that everyone is waiting for, or maybe it already exists?
There are few project which combine those. But i expect it's another cashgrab which use many buzzword.
It was actually a rhetorical question, considering that with the help of AI today, they are trying to sell everything that can be sold. Given how fascinated people are with AI chat bots, I'm not surprised at all that someone is trying to sell such ideas when it comes to altcoins or DeFi.
-
~
It was actually a rhetorical question, considering that with the help of AI today, they are trying to sell everything that can be sold. Given how fascinated people are with AI chatbots, I'm not surprised at all that someone is trying to sell such ideas when it comes to altcoins or DeFi.
So another vaporware thing? Of course, it's possible, I would be amazed it hasn't happened yet!
But in reality that's impossible, AI can't be decentralized, the moment it would it would act like a mob with opinions or it would make decisions based on what it feeds on, which again would be influenced by the source. You can't really have decentralization unless it's something built already on a protocol that can't be removed, a Defi model like all we have now will always require human intervention thus centralization.
It's possible few of those DeFi provide way to interact with it without the centralized website, such as running node and it's DeFi application.
Yup, that's the end goal, the problem comes with the "governance' that screws everything up.
-
I thought DeFi are only called decentralized finance but they are making use of central servers which make them to also be centralized. Although, not as centralized as how it is in traditional way but not decentralized as people think they are decentralized.
Who could have imagined that a hack can come from the domain registry platform...that is, of course, not really decentralized serving decentralized clients? This is actually my first time to hear of this kind of hacking which is now added to the long list of hack history that the cryptocurrency industry got into...and am sure this will not be the last in the decentralized finance (DeFi) arena which has been one of the top targets of hackers for the past many years. My salute to these hackers who will not stop at anything in finding the smallest crack on the rock where they can insert themselves with the intention of creating chaos and yes some big bucks if possible. May the same energy, resourcesfullness and sucess can be meet by people who are into the business of security and safety so these hackers can be minimized and maybe even put to a halt.