As cryptocurrency holders, we should scrutinize the security of every party we rely on, as there are no take-backs if we lose access to our crypto wealth. In EtherDelta’s recent hack, the failure point was their DNS.
Dear users, we have reason to believe that there had been malicious attacks that temporarily gained access to @etherdelta https://t.co/NnqU5Er4rj DNS server. We are investigating this issue right now – in the meantime please DONOT use the current site.
— EtherDelta (@etherdelta) December 20, 2017
EtherDelta, a decentralized exchange for ERC-20 tokens, was hacked in December 2017. The hack, known as DNS hijacking, involved DNS servers being changed to point to an imposter website. This rerouted visitors of etherdelta.com to the fake website. Visitors ended up depositing their cryptotokens to a wallet address or smart contract that the attacker controlled.
How did this happen? I imagine the hackers got hold of the credentials to the domain registrar where etherdelta.com was held and simply pointed their domain to their server where the look-alike fake website was hosted.
It could have been pulled off by social engineering, where the attacker called the domain registrar and impersonated EtherDelta’s site administrators to gain access to the domain. It could also have been an inside job at either the domain registrar or EtherDelta. How can we really know or trust anyone?
So how do we protect ourselves? Unless we are tracking the IP address every day to ensure there haven’t been any changes, it’s unlikely we can protect ourselves from DNS hijacking.
To make matters more complicated, EtherDelta uses CloudFlare services (which help the website load faster), and this can be another point of failure if their CloudFlare account is compromised or taken advantage of in any way. We wouldn’t see any changes from the WHOIS lookup.
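The daily IP check mentioned above can be scripted. The following Python sketch is an added example, not part of the original post: it compares observed A records and nameservers against a pinned baseline, and its third sample shows the blind spot described for a CDN account compromise. The baseline, hostnames and addresses are constructed (RFC 5737 documentation ranges), and the nameserver list is assumed to come from a separate NS lookup.

```python
import ipaddress
import socket

# Constructed baseline for a hypothetical site; networks are RFC 5737 documentation ranges.
BASELINE = {
    "networks": ["192.0.2.0/24", "198.51.100.0/24"],  # ranges the site normally resolves into
    "nameservers": {"ns1.dns-provider.example", "ns2.dns-provider.example"},
}

def resolve_a(host):
    """Live A-record lookup through the system resolver (needs network access)."""
    infos = socket.getaddrinfo(host, 443, socket.AF_INET, socket.SOCK_STREAM)
    return sorted({info[4][0] for info in infos})

def audit(observed_ips, observed_ns, baseline=BASELINE):
    """Return a list of findings; an empty list means nothing deviates from the baseline."""
    nets = [ipaddress.ip_network(n) for n in baseline["networks"]]
    findings = []
    for ip in observed_ips:
        addr = ipaddress.ip_address(ip)
        if not any(addr in net for net in nets):
            findings.append(f"A record {ip} is outside the baseline networks")
    # Normalise case and the trailing dot so "NS1.Example." equals "ns1.example".
    seen = {ns.rstrip(".").lower() for ns in observed_ns}
    for ns in sorted(seen - baseline["nameservers"]):
        findings.append(f"unexpected nameserver {ns}")
    for ns in sorted(baseline["nameservers"] - seen):
        findings.append(f"baseline nameserver {ns} missing")
    return findings

# Constructed observations (no network needed).
NORMAL = (["192.0.2.10", "198.51.100.7"],
          ["ns1.dns-provider.example.", "NS2.dns-provider.example."])
REPOINTED = (["203.0.113.66"],
             ["ns1.other-host.example.", "ns2.other-host.example."])
# Origin changed inside the CDN account: the public DNS answers still match the baseline.
BEHIND_CDN = (["192.0.2.99"],
              ["ns1.dns-provider.example", "ns2.dns-provider.example"])

if __name__ == "__main__":
    samples = [("normal", NORMAL), ("repointed", REPOINTED), ("behind-cdn", BEHIND_CDN)]
    for name, (ips, ns) in samples:
        print(name, audit(ips, ns) or "no deviation")
```

The `behind-cdn` sample returns no findings, so a check like this only covers changes that are visible in DNS answers.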
I have three suggestions, all of which involve changing the way we make trades:
- One way is to trade with smaller amounts at a time. You can make trades through a period of time, to mitigate loss of funds from one compromised trade. For example, instead of trading 1 ETH, you might choose to do 0.25 ETH four times.
- You can also combine the first idea with using multiple sources for exchanging. This means not trusting one source for all your trades. For example, you might use Shapeshift, Changelly, and EtherDelta.
- You can consider direct trades in person, which is not convenient and has its own risks (i.e., revealing who you are to someone who can physically follow you/take pictures of you/rob you). You also need to find someone willing to buy your particular tokens for another particular token that you want.
A hack like EtherDelta’s may not be inevitable. I recall hearing something about Ethereum having its own domain system, but I don’t know enough about it. It might be a solution one day to protect us from any DNS hijacking.
Stay safe, get to know how things work, and take every measure to protect your crypto wealth. No one deserves to lose.
– – –
A quick side note about decentralized exchanges: by their nature, decentralized exchanges have to make some money in the form of fees for trades. This means your cryptotokens are sent to their wallet before they are sent off to the receiving end of the trade.
Compare this to centralized exchanges, where the private keys are held by the company until they are manually withdrawn. Decentralized exchanges, in my opinion, are still the better alternative, even if you have to trust your cryptotokens to the exchange for a few minutes to process the transaction before your trade ends up in your own wallet.