Skip to main content
Back to Security Snacks
Web3

Web3-Related Domain Takeovers

Published on: 
July 12, 2024

Domain takeovers of Squarespace-held domains

Crypto News relayed widespread social media reports of Web3-related domain takeovers of Squarespace-held domains. Using 0xngmi’s list as a guidepost, we are releasing passive DNS records for the listed sites observed since 2024-07-01 to allow for further analysis (please note two sets of data, one in epoch time, one set in a subfolder with human-readable time). Inclusion in this list does NOT necessarily indicate compromise.

Crypto News link: https://crypto.news/defi-protocols-compromised-as-many-domains-under-dns-siege/

0xngmi link: https://gist.github.com/0xngmi/789e297f3107d3c28c56da7acf11828d

Passive DNS records: https://github.com/DomainTools/SecuritySnacks/tree/main/2024/DeFiDNS

Screenshots from DNSDB Scout of two services that indicated attempted or successful compromise.

Related Content

SecuritySnacks
DPRK Contagious Interview: Developer Workflow Compromise
Analyze the DPRK "Contagious Interview" campaign targeting developers. Get technical deep-dives into VS Code task abuse, Node.js malware obfuscation, and a full Sigma/EDR detection pack to defend your CI/CD pipeline and identity perimeter.
Learn More
SecuritySnacks
The AI Frame Campaign Continues
Analysis of the persistent AIFrame campaign: A fake Google Authenticator Chrome extension and 6+ related apps use "deploy clean, update dirty" tactics to steal 2FA credentials and inject malicious iframes. Learn how this operation bypasses Google’s security reviews.
Learn More
SecuritySnacks
Cybersecurity Reading List - Week of 2026-04-06
From Gramsci's 'morbid symptoms' to modern threat intelligence - a cybersecurity roundup exploring why defenders should treat root causes over chasing dramatic threats, with curated links on ransomware, HUMINT, disinformation, and more.
Learn More

Heading

SecuritySnacks
Research
Newsletters
Podcast Episodes
About
No items found.