- Hacker gained access to EVODeFi domain through a Vercel platform vulnerability.
- The cybercriminal used another email address to move the domain to his space because the Verсel platform did not require confirmation
- EVODeFi blocked access within 40 minutes, paid compensation within an hour
EVODeFi, a cross-chain platform offering a set of crypto products, fell victim to a hacker attack, Bankless Times learned from a press release on PR News Wire, published at 9 ET this morning. An unidentified third party gained access to the EVODeFi domain through a Vercel platform vulnerability.
Vercel is a platform for deployment of frontend apps. It boasts zero configuration to a global edge network and the capability to scale dynamically to millions of pages.
Vercel didn’t require transfer confirmation
The cybercriminal used another email address to move the domain to his space because the Verсel platform did not require confirmation from EVODeFi, the domain owner, of the transfer.
The attacker entered his own wallet number and receiving all the funds to his personal account. He stole $320,000 while EVODeFi was working on restoring access to its domain.
Attacker blocked in less than an hour
The EVODeFi team was quick to respond, blocking access within 40 minutes. Within an hour of the attack, they began paying out compensation. EVODeFi has switched its service provider and will no longer use Vercel for frontend frameworks. There is no risk to clients at the moment. Everything is under control.
EVODeFi executive director Egor Volotkovich commented:
We see a lot of hacker attacks, which have already become a common phenomenon in the field of cryptocurrencies. Most often, hacks occur in smart contracts and servers. From this point of view, EVODeFi has a strong anti-hacking system. This vulnerability appeared in the third-party platform which we used, resulting in a data leak.
About EVODeFi
EVODeFi is a cross-chain solution providing a set of crypto products including a bridge between networks, business tools to increase crypto payments, and a high-tech system to work with crypto exchange and crypto-salaries projects, available in a single system. EVODeFi develops the following services: Bridge, Pay, Exchange, Payroll and App.
Using the latest technologies and great experience, the EVODeFi system works at the international level, providing its services in regions around the world, for example in the USA, Europe, and South America.