QI Quadriga Initiative

Jun 2022 - AllBridge Malicious DNS Hijack - $Unknown (Global)

Allbridge, founded in 2021, is a "[c]ross-chain solutions provider" which offers "[t]he most convenient cross-chain transfers". The service offers AllBridge Classic, Allbridge BaaS, and Allbridge Core.

"Allbridge is a simple, modern, and reliable way to transfer assets between different networks. It is a bridge between both EVM (Like Ethereum, Polygon, BSC) and non-EVM compatible (like Solana, Terra) blockchains, that aims to cover L2 (like Arbitrum, Optimism) solutions and NFT transfers in the future. Allbridge’s mission is to make the blockchain world borderless and provide a tool to freely move assets between different networks."

Further Analysis

How Could This Have Been Prevented?

The issue ultimately stemmed from a single customer support agent being compromised. A multi-signature requirement on DNS changes would have prevented this scenario entirely. While NameCheap offers advanced protections on their domain names, this service had just launched two days prior to the DNS change, so it was unlikely to be a reasonable expectation that Convex Finance would have already signed up. Users of platforms need to be careful and double check any new approval requested by any platform against the proper smart contract address. It is recommended to double check any new smart contract addresses being interacted with.

More Cryptocurrency Exchange Hacks/Scams/Frauds

Ribbon Finance Malicious DNS Hijack > > < < Harmony Horizon Bridge Private Key Exploit

Sources/Further Reading

Allbridge is the best cross-chain bridging solution provider. (Feb 7)
What is Allbridge? - Allbridge (Feb 7)
https://www.cloudflare.com/learning/dns/what-is-dns/ (Feb 9)
Post Mortem Of Events June 23 (Aug 24)
@ConvexFinance Twitter (Aug 24)
Premium domain protection – Domain Vault - Namecheap (Feb 9)
@NamecheapCEO Twitter (Aug 24)
@NamecheapCEO Twitter (Aug 24)
@DevanCollins3 Twitter (Aug 24)
@LefterisJP Twitter (Feb 10)
@NamecheapCEO Twitter (Feb 11)

Join Us!

 Name: Email:
t.me/QuadrigaInitiative /r/QuadrigaInitiative @QuadrigaInit info@quadrigainitiative.com
Sign-Ups: 100%

Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected User. For questions or enquiries, email info@quadrigainitiative.com.