@tiagosetti @iwantmyname ^ absolutely, this indeed will help to reduce probability of such attacks (not completely to 0 though)
@tiagosetti @iwantmyname ^ 绝对,这确实有助于降低此类攻击的可能性(虽然不完全为 0)
用户 Curve(@ CurveFinance) 的最新消息
@eth1trillion @iwantmyname @NamecheapCEO Unlike the namecheap incident, it wasn't social engineering of an employee. Seemingly, it's just something in the guts of how DNS protocol works
@eth1trillion @iwantmyname @NamecheapCEO 与 namecheap 事件不同,这不是员工的社会工程。看起来,这只是 DNS 协议工作原理的一部分
@foldfinance @iwantmyname Well, at least it has an unspoofable record. ENS gateways could be the weak point though
@foldfinance @iwantmyname 好吧,至少它有一个不可欺骗的记录。 ENS 网关可能是弱点
We have a brief report from @iwantmyname about what has happened. In brief: DNS cache poisoning, not nameserver compromise.
https://status.iwantmyname.com...
No one on the web is 100% safe from these of attacks. What has happened STRONGLY suggests to start moving to ENS instead of DNS
我们收到了来自@iwantmyname 的关于所发生事情的简短报告。简而言之:DNS 缓存中毒,而不是域名服务器妥协。
https://status.iwantmyname.com...
网络上没有人能 100% 免受这些攻击。发生的事情强烈建议开始迁移到 ENS 而不是 DNS
RT: 確定安全了🦙
https://curve.fi/ 的 DNS 設置已經傳播到世界各處,因此在地球上的每個位置都可以安全使用。
https://curve.fi/ 和特定EVM鏈的Curve網站更新得更早。
Curve中文 👉🏼 https://t.me/curveficn https://twitter.com/curvefinan...
RT:确定安全了🦙
https://curve.fi/ 和特定EVM链的Curve网站更新得更早。
曲线中文👉🏼 https://t.me/curveficn https://twitter.com/curvefinan...
Finally, DNS settings for https://curve.fi/ propagated everywhere, so it is safe to use in every location on Earth.
https://www.curve.fi/ and chain-specific sites got updated much earlier.
最后,https://curve.fi/ 的 DNS 设置传播到各处,因此可以安全地在任何位置使用地球。
https://www.curve.fi/ 和特定于连锁店的网站更新得更早。
RT: why is this a hit piece?
bridges don't obfuscate the transaction graph, they can't be used to launder anything.
pretty sure elliptic also knows that.
RT:为什么这是热门作品?
网桥不会混淆交易图,它们不能用于洗钱。
很确定椭圆也知道这一点。
@0xCryTeo @fcklupi @Rabby_io Absolutely. We have hundreds of contracts, but they can be indeed labelled like that!
@0xCryTeo @fcklupi @Rabby_io 绝对。我们有数百份合同,但它们确实可以被贴上这样的标签!
We'll tweet when we're certain that ALL DNS records on all NS servers in the world are entirely up to date and the https://curve.fi/ address is definitely safe to use https://twitter.com/CurveFinan...
Looks like quite many nameservers in the world didn't yet update the record for https://curve.fi/ (require full 24 hours, and that cannot be accelerated). But hacker's site is already down.
Just in case - please use https://curve.exchange/, or verify that IP is 76.76.21.21
当我们确定全球所有 NS 服务器上的所有 DNS 记录都是最新的并且 https:/ /curve.fi/ 地址绝对可以安全使用 https://twitter.com/CurveFinan。 ..
看起来世界上很多域名服务器还没有更新 https://curve.fi/ 的记录(需要整整 24 小时,而且无法加速)。但是黑客的网站已经关闭了。
以防万一 - 请使用 https://curve.exchange/,或验证 IP 为 76.76.21.21
Looks like quite many nameservers in the world didn't yet update the record for https://curve.fi/ (require full 24 hours, and that cannot be accelerated). But hacker's site is already down.
Just in case - please use https://curve.exchange/, or verify that IP is 76.76.21.21
看起来世界上很多域名服务器还没有更新 https://curve.fi/ 的记录(需要整整 24 小时,而且无法加速)。但是黑客的网站已经关闭了。
以防万一 - 请使用 https://curve.exchange/,或验证 IP 为 76.76.21.21
RT: 💼
How to revoke approved contract?
Here are some useful tools
如何取消 revoke 合約?推薦幾個工具
- https://revoke.cash/ (ETH)
- https://approved.zone/ (ETH
- https://app.unrekt.net/ (EVM Chains)
- https://allowance.beefy.financ... (BSC/BNB)
- https://cointool.app/approve/ (Cross-chain) https://t.co/nXF9pIAsQj
转发:💼
如何撤销已批准的合同?
这里有一些有用的工具
如何取消合同?推荐工具
- https://revoke.cash/ (ETH)
- https://approved.zone/ (ETH
- https://app.unrekt.net/(EVM 链)
- https://allowance.beefy.financ... (BSC/BNB)
- https://cointool.app/approve/(跨链)https://t.co/ nXF9pIAsQj
@0xM3R1G0 @DU09BTC @iwantmyname Is there ANY web3 project which doesn't use some registrar?
Though running your own ns is an interesting idea, not aware of anyone doing it these days
@0xM3R1G0 @DU09BTC @iwantmyname 是否有任何不使用某些注册商的 web3 项目?
虽然运行自己的 ns 是一个有趣的想法,但现在不知道有人在这样做
@0xM3R1G0 @DU09BTC That. Fortunately, it was the NS server which was compromised but not all the registrar's infra, so we were able to change the NS quickly
@0xM3R1G0 @DU09BTC 那。幸运的是,被入侵的是 NS 服务器,但不是所有注册商的基础设施,所以我们能够快速更改 NS
@mwaddip Unfortunately, it's sysadmins of third party services (NS), not us. Only can (a) use better services or (b) not use web2. Or both!
@mwaddip 不幸的是,它是第三方服务 (NS) 的系统管理员,而不是我们。只能 (a) 使用更好的服务或 (b) 不使用 web2。或两者!
@DU09BTC Soon. In brief, @iwantmyname's nameservers got compromised - don't use them. If you have a domain with them - switch the ns asap.
@DU09BTC 很快。简而言之,@iwantmyname 的名称服务器受到了损害——不要使用它们。如果您有他们的域 - 尽快切换 ns。
@CryptoBagyi To know for sure if it is good for you - run "ping https://curve.fi/". If 76.76.21.21 - you're good!
@CryptoBagyi 要确定它是否对您有好处 - 运行“ping https://curve.fi/”。如果 76.76.21.21 - 你很好!
@JulianBerridi For most, it was updated long ago, but DNS doesn't propagate instantly. That's how internet works, sigh
@JulianBerridi 对于大多数人来说,它很久以前就更新了,但 DNS 不会立即传播。这就是互联网的运作方式,叹息
RT: @LaTour85640275 @samczsun @CurveFinance check verified sources for deployed contract addresses and then double check what contract you're interacting with before signing a transaction...
RT:@LaTour85640275 @samczsun @CurveFinance 检查已部署合同地址的已验证来源,然后在签署交易之前仔细检查您正在与之交互的合同......
Updates should have propagated for https://curve.fi/ everywhere by now, which means it should be safe to use
到现在为止,https://curve.fi/ 的更新应该已经传播到各处,这意味着它应该可以安全使用
RT: 稍早https://curve.fi/ 遭受 DDoS攻擊,現在已經沒事了。損失金額非常小,會陸續更新狀況。
如果你有授權給攻擊者合約: 0x9eb5f8e83359bb5013f3d8eee60bdce5654e8881
請馬上在 https://revoke.cash/ 解除合約授權! https://twitter.com/curvefinan...
RT:有点https://curve.fi/ 受宠的DDoS攻击,已经无可奈何了。现在损失金额非常小,早会陆续更新情况。
如果你有授权给攻击者:0x9eb5f8e83359bb5013f3d8eee60bdce5654e8881
请马上在 https://revoke.cash/ 解除授权!https://twitter.com/curvefinan...