Ordswap Allows Users to Retrieve Private Keys After Domain Breach
Ordswap, a marketplace for Bitcoin Ordinals, has introduced a tool that enables users to recover their private keys after the website’s domain was compromised. On October 10, the Ordswap Twitter account shared an online tool for MetaMask users to retrieve their Ordswap private keys and transfer them to other providers. The platform had previously warned users not to connect to its domain, blaming website development and hosting firm Netlify for the issue. Additionally, there were reports of a button on the website that attempted to phish users by prompting them to connect their crypto wallet. Currently, Ordswap’s website automatically redirects users to RelayX.
No Impact on User Private Keys or Assets
According to an Ordswap team member on Discord, there has been no impact on user private keys or assets due to the breach. However, interacting with the compromised website could compromise users’ security. This incident is reminiscent of a similar attack on Balancer, another Ethereum-based platform, where attackers stole approximately $240,000 worth of funds. Balancer attributed the breach to a social engineering attack on its DNS service provider EuroDNS.
Hot Take: Ensuring Security Amidst Domain Breaches
This incident highlights the importance of maintaining robust security measures in the face of domain breaches. Platforms like Ordswap must take immediate action to protect user assets and privacy when such incidents occur. Implementing multi-factor authentication and conducting regular security audits can help mitigate risks. Users should also exercise caution and refrain from interacting with compromised websites or providing sensitive information. As the crypto industry continues to grow, it is crucial for both platforms and users to remain vigilant and prioritize security at all times.
By
By
By