Kelp DAO security incident analysis: The attacker bypassed 2-FA verification by impersonating the Kelp team to convince GoDaddy's customer support.

robot
Abstract generation in progress

BlockBeats News, on July 29th, Liquiditystakeprotocol Kelp DAO reviewed the previous security incident: at 22:30 on July 22nd, Kelp's dApp began displaying malicious Wallet activity transactions, attempting to steal user funds. The Kelp team responded immediately by locking the domain servers, restoring ownership access, and resolving the issue. The attacker successfully convinced GoDaddy's customer support by impersonating the Kelp team and bypassing 2-FA. The Kelp team is taking preventive measures, including transferring to another domain registrar and strengthening alerts for abnormal UI behavior. A few users reported financial losses due to UI attacks, and the Kelp team is providing support.

View Original
This page may contain third-party content, which is provided for information purposes only (not representations/warranties) and should not be considered as an endorsement of its views by Gate, nor as financial or professional advice. See Disclaimer for details.
  • Reward
  • 1
  • Share
Comment
0/400
Rokhaya1984vip
· 04-11 17:28
Bull Run 🐂
Reply0
Trade Crypto Anywhere Anytime
qrCode
Scan to download Gate app
Community
English
  • 简体中文
  • English
  • Tiếng Việt
  • 繁體中文
  • Español
  • Русский
  • Français (Afrique)
  • Português (Portugal)
  • Bahasa Indonesia
  • 日本語
  • بالعربية
  • Українська
  • Português (Brasil)