Ordswap, a marketplace that allows users to register, auction, and trade Bitcoin Ordinals, has devised a way for users to recover their private keys as it struggles to regain control of its website domain.
In X’s post (on Twitter) on October 10, Ordswap’s Account
The source for ID mask users to get the key is now available below. You are able to import hexadecimal into Unisat. https://t.co/oETb7h7sA0 https://t.co/NGaaLiNNwW
—Ordswap (@ordswap) October 10, 2023
The source for ID mask users to get the key is now available. You can import hexadecimal into Unisat.
Hours earlier, on October 9, Ordswap warned users not to connect to its domain because it did not control it. He blamed the problem on Netlify, a website development and hosting company.
We are working on publishing the source for ID mask users to get their key if they haven’t already. The issue appears to be Netlify related, but we are still working on it. https://t.co/uYGxJkzGfj
—Ordswap (@ordswap) October 9, 2023
We are working on publishing the source for metamask users to get their key if they haven’t already. The issue appears to be with Netlify, but we are still working on it.
On the project’s Discord server, an Ordswap team member and a user reported that, for a time, the website displayed a button asking users to connect their cryptocurrency wallet. In a clear phishing attempt.
X user mentioned That the button was like a wallet opener, An increasingly popular tool among cryptocurrency scammers. At the time of writing, Ordswap’s site was automatically redirecting to a competing marketplace, RelayX.
An Ordswap team member stated on Discord that neither private keys nor user assets were affected by the hack, But he added that users could be at risk if they interact with the site.
In late September, the website of Ethereum-based automated market maker Balancer was hacked in an apparently similar attack: At that time, the attackers stole cash worth approximately US$240,000.
Balancer later said it believed exploiters carried out a social engineering attack against its DNS service provider, EuroDNS, allowing attackers to submit a request to trick users into agreeing to a malicious contract that drained their wallets.
Collect this item as an NFT To preserve this moment in history and show your support for independent cryptocurrency journalism.
Explanation: The information and/or opinions expressed in this article do not necessarily represent the views or editorial line of Cointelegraph. The information provided here should not be considered as financial advice or investment recommendation. All investments and business transactions involve risks and it is every person’s responsibility to conduct due research before making an investment decision.
Read on:
Investments in crypto assets are not regulated. It may not be suitable for retail investors and the entire amount invested may be lost. The services or products provided are not directed at or available to investors in Spain.
“Beeraholic. Friend of animals everywhere. Evil web scholar. Zombie maven.”