Ambient Finance, a decentralized exchange (DEX) operating on the Scroll network, has assured its users that their funds remain secure despite a recent cyber attack. While the core infrastructure and on-chain contracts were not affected, the platform warned users to avoid interacting with its website due to a Domain Name System (DNS) breach.
Hackers compromise website front with malicious links
The attack on Ambient Finance involved unauthorized control of the platform’s website, where hackers altered the domain to host malicious links. These links were designed to redirect users to fraudulent websites intending to steal their digital assets. According to the company, the hackers’ strategy was to compromise the integrity of the platform’s front end, but the smart contracts and on-chain assets remain unaffected.
Ambient Finance has strongly advised users to revoke any approvals previously granted to the platform’s contracts to mitigate further damage. The company has provided a dedicated link for users to carry out this revocation, emphasizing the importance of taking immediate action to safeguard assets. They are working with security experts and their domain registrar to restore the front end and prevent additional security breaches.
Malware identified as inferno drainer
Security firm Blockaid identified the malware responsible for the Ambient Finance attack as Inferno Drainer. This malware was designed to steal digital assets by tricking users into interacting with malicious URLs. According to investigators, the server hosting the malicious content was set up just 24 hours before the breach, demonstrating the attackers’ highly coordinated and time-sensitive operation.
While Ambient Finance conducts a full investigation, it has asked users to remain vigilant and avoid using the platform’s website until further notice. The company reiterated that user security remains its top priority and promised to update the community as the situation evolves.
Growing cybersecurity concerns in the DeFi sector
The Ambient Finance breach is part of a growing trend of cyber attacks targeting the decentralized finance (DeFi) sector. Just days before this incident, Radiant Capital, a LayerZero-based DeFi platform, suffered losses exceeding $50 million due to a separate attack. Web3 security firm Ancilia suggested that a backdoor contract on the BNB Chain network likely facilitated the Radiant Capital hack.
Regulatory bodies are pushing for more robust cybersecurity measures in response to the increasing frequency of these attacks. The European Securities and Markets Authority (ESMA) has recently called on EU lawmakers to impose stricter regulations on the crypto industry.
ESMA has proposed that companies in the sector undergo mandatory external cybersecurity audits to comply with upcoming regulatory frameworks. This comes amid reports indicating that cyber thefts in the crypto space have surged to $1.5 billion in recent months. As the DeFi industry continues to grow, so do the threats, highlighting the urgent need for enhanced security protocols across the sector.