GoDaddy Website Hack Leaves DeFi Protocol ‘SpiritSwap’ Compromised

By Jana Serfontein May 17, 2022 In DeFi, Hackers, Scams

Multiple DeFi protocols have been compromised after an attack on the world’s biggest domain registrar, GoDaddy. Unconfirmed reports suggest the hacker(s) may have used GoDaddy’s account recovery method to target crypto domains.

SpiritSwap, one of Fantom’s biggest DeFi exchanges, has been left vulnerable as a result:

SpiritSwap Manages to Mitigate Disaster

SpiritSwap managed to quickly take action as the attacker(s) manipulated the swap parameters and were able to take away an amount not exceeding US$18,000. SpiritSwap provided updates stating it had disabled swapping in order to prevent the hackers from stealing further funds and assured users that their contracts and funds were safe, but the domain has been compromised. Since the attack, SpiritSwap has suspended all transactions:

Swapped Funds Redirected Across DeFi Protocols

Several crypto projects use GoDaddy to host their domains, and at the time of writing the full extent of the damage was not yet clear. That said, this attack differs from the recent ‘Coinzilla Ad’ hack in which an ad caused a pop-up on sites such as CoinGecko that, when clicked, could drain a user’s wallet. In the case of GoDaddy, the attacker used the hosting platform to redirect swapped funds on DEXes such as QuickSwap and SpiritSwap:


DeFi Scams on the Rise in 2022

DeFi scams are nothing new but are becoming ever more brazen. Here is a recent list of the scams that happened in DeFi this year:

Jana Serfontein

Jana Serfontein

Jana has keen interest in what cryptocurrencies have to offer in regards to NGO’s, governments and the financial system. And is also intrigued with the psychological effect that cryptocurrencies have on society.

You may also like