Blockchain projects need to lock down their domain names, stat.

Social engineering attacks aimed at altering or hijacking domains affiliated with crypto projects continue.

Today, the nameservers for eth.limo, a site that acts as a website resolver for alt-root .eth domains, were hijacked.

According to Ethereum Name Service (ENS), the perpetrator tricked someone at EasyDNS into granting access to change the nameservers.

ENS said the damage was minimized thanks to its use of DNSSEC:

Once the NS records were maliciously changed, validating resolvers checked the attacker’s responses against the legitimate DS record still cached from the parent zone. Because the attacker did not hold our signing keys, they could not produce valid RRSIGs, the chain of trust broke, and resolvers returned SERVFAIL instead of the malicious answers. In short, DNSSEC likely reduced the blast radius of the hijack.

The nameservers have been reverted to the correct ones.

Eth.limo provides an easy way for people to access websites connected to .eth domains. Because .eth isn’t in the ICANN root, people generally need special browsers or plugins to access .eth sites. With eth.limo, they just add .limo to the end, and it resolves. For example, someone could type example.eth.limo into their browser to access example.eth.