dYdX Announces Investigation Results of Hack Leading to Significant Losses

dYdX, a prominent cryptocurrency exchange, announced on July 23 that their website version 3.0 had been compromised.

Azcnews Dydx Announces Investigation Results Of Hack Leading To Significant Losses

Users were advised to avoid accessing the version 3.0 website or clicking on any related links until further notice. However, the team assured users that version 4.0 remained unaffected and was operating normally.

dYdX released a detailed report on the Squarespace account hack, outlining the events and their response. The exchange decided to change its domain registrar and continue collaborating with SEAL and other partners to prevent future incidents.


The dYdX exchange website was compromised due to a social engineering attack. According to the incident report, unauthorized individuals accessed dYdX Trading’s Squarespace account through a social engineering attack on Squarespace’s customer support team. During the two-hour domain attack, two users lost a total of approximately $31,000. dYdX Trading is contacting the affected users to ensure they are compensated.

In 2023, Squarespace acquired all domains from the now-defunct Google Domains, migrating them over several months. The domain dydx.exchange, owned by dYdX Trading, was transferred to Squarespace on June 15, 2024.

On July 9, attackers accessed the dydx.exchange domain and modified the DNS name servers from Cloudflare to DDoS-Guard.

This initial attack was mitigated by DNSSEC settings, preventing users from accessing the compromised site. dYdX swiftly addressed the issue by rotating passwords and implementing two-factor authentication (2FA).


Following reports of similar attacks on cryptocurrency-specific domains, SEAL, a security group focused on crypto, conducted an investigation. They discovered an OAuth vulnerability on Squarespace that had been exploited. Squarespace resolved and patched this issue on July 12.

Despite this, the dydx.exchange domain was compromised again on July 23. The attackers altered the DNS name servers and removed DNSSEC settings, hosting a malicious site that deceived users into transferring Ethereum and ERC20 tokens.

During this period, dYdX collaborated with SEAL and other partners to block the malicious sites on popular crypto wallets like Metamask and Phantom. Despite these efforts, two users lost $31,000 in the attack.

dYdX Restores Website After Squarespace Account Hack

The investigation further revealed that the attacker changed the domain administrator’s email to an address ending in outlook.com, with a username similar to the legitimate payment administrator’s name on the dYdX account. This indicated a social engineering attack, as the attacker used a seemingly trustworthy email address.

According to dYdX, communications with Squarespace indicated that human error initiated the account takeover during the account recovery process.

The attacker bypassed 2FA and modified the account email without providing valid security credentials. Squarespace’s customer service failed to contact any other administrators listed on the domain before making these changes.


In response to the attack, dYdX transferred its domain registration to Cloudflare to enhance security. This expedited transfer was completed within six hours.

dYdX confirmed that there were no security issues with its smart contracts, backend systems, or the dYdX Chain due to these incidents. The dYdX team announced on social media platform X, advising users to clear their browser cache and restart their browsers before reconnecting to the website to ensure they do not access the compromised site.

Love

0.0/5

Love
  1. Avatar of SamEasy
    SamEasy

    Thanks for this it really helpful

Comments are closed.

Latest

World’s Richest Youtuber Mrbeast Registers His Own Finance And Crypto Brand

News | Editor Choice | Policy & Regulations

World’s Richest YouTuber MrBeast Registers His Own Finance and Crypto Brand

The world’s richest YouTuber, MrBeast, has made a bold move into the world of finance and cryptocurrency with his new brand “MrBeast Financial”, signaling his ambition to build a global fintech empire.

Deepseek Surpasses Grok And Openai In Crypto Trading Showdown

News | AI | Editor Choice

DeepSeek Surpasses Grok and OpenAI in Crypto Trading Showdown

DeepSeek is making waves across the crypto and tech communities as it takes the lead in Alpha Arena — a live crypto trading competition among the world’s top artificial intelligence models, outperforming both Elon Musk’s Grok and OpenAI’s GPT-5.

Bitcoin’s Two Failed Rallies Signal Weakness

News | Bitcoin | Editor Choice

Bitcoin’s Two Failed Rallies Signal Weakness

The Bitcoin (BTC) market is entering a tense phase as bullish momentum fades after two consecutive failed recovery attempts. While the price still holds key support levels, on-chain data suggests the market may be shifting toward accumulation, with long-term holders (LTHs) quietly building their positions.

Bio Soars 58% After Upbit Listing, Desci Tokens Make A Powerful Comeback

News | Altcoin | Editor Choice

BIO Soars 58% After Upbit Listing, DeSci Tokens Make a Powerful Comeback

South Korea’s crypto market just witnessed a major explosion as Upbit, the country’s largest exchange by trading volume, announced the listing of BIO Protocol’s native token, BIO. Following the news, the altcoin skyrocketed over 58%, while its trading volume surged by more than 500% within hours.

Ripple Chairman Accused Of Dumping 50m Xrp On Retail Investors

News | Altcoin | Editor Choice

Ripple Chairman Accused of Dumping 50M XRP on Retail Investors

The XRP community is in turmoil after a new claim by CryptoQuant analyst Maartunn alleged that Ripple Chairman Chris Larsen sold off 50 million XRP, “dumping” on retail investors. However, industry experts quickly pushed back, clarifying that the transaction was not a sell-off as speculated.

Screenshot 2025 10 20 091338