A recent Twitter revelation by Dominic Alvieri, a cybersecurity expert, sent ripples across the crypto world with the assertion that the Ethereum Name Service (ENS) had been hacked. To put things in perspective, the ENS, manifested by Nick Johnson in 2017, is primarily an efficient, user-centric system that paves the way for easier sharing and access to Ethereum addresses, courtesy of its simplification of address strings into easily-comprehensible domain names.
The societal effects of ENS’s potential compromise shouldn’t be trivialised, especially when considering the payload the supposed hackers, SiegedSec, claimed they extracted: usernames, hashed passwords, access tokens, and more from three databases, among which was ENS’s.
As news broke of SiegedSec’s alleged hack via its official Telegram channel, skepticism emerged from the cryptosphere. The dilemma was whether this was a real breach or a smooth exploitation of public information masked as ‘hacking’. Consequently, it served as a wake-up call for several crypto users, prompting many to proactively modify their passwords, painstakingly verifying the resolved addresses within ENS settings remained undisturbed.
With the seed of doubt planted, ENS users went into overdrive, thoroughly scrutinizing the supposed breach. In a twist of fate, the alleged sensitive data was found to contain only ENS names and a hexadecimal representation of the token ID – puzzling, isn’t it? It seems the hacker’s braggadocious claims were alluding to merely publicly available information.
This event raises critical questions about the operational intent of new-age cyber cells like SiegedSec. Indeed, some groups have nobler intentions, serving as hacktivists who target entities in strife-torn countries like Russia. However, there are other self-serving actors who ride the coattails of global events, using them as a smokescreen to propel their nefarious cyber activities.
SiegedSec, overseen by the infamous hacktivist YourAnonWolf, falls into the latter category. Emerging in late February 2022, this group has left a mark by breaching numerous websites, particularly those owned by the government. Yet, their attempt to infiltrate the ENS, a decentralized system underpinned by Ethereum’s backbone, was a stark failure.
Perhaps this is a sobering reminder that appearances can be deceiving. And while the crypto community should remain vigilant meanwhile being undeterred by shrouded threats, this failed hacking attempt serves as testament to the strength of decentralized systems in the face of cybersecurity assaults.
Source: Cryptonews