VERDICT —OUT OF SCOPE
Root cause is infrastructure (DNS / cloud / database / third-party API) compromise, not on-chain contract logic. Pre-deployment source review would not surface this; coverage lives in cloud-security + supply-chain audit, separate discipline.
▰ METHOD
INFRASTRUCTURE
INFRASTRUCTURE
Root cause
Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Forensic narrative
Polygon Chief Information Security Officer Mudit Gupta tweeted that two remote procedure call (RPC) interfaces of Polygon and Fantom were affected by a Domain Name System (DNS) hijacking attack on Friday. The reason was that a hacker hijacked Ankr's Domain Name System (DNS) to steal the user's seed stage, and Ankr quickly recovered the error and said no funds were lost. Attack method (per SlowMist): DNS Hijacking Attack. Reported loss: -.
Primary source
https://zh-cn.bitcoinethereumnews.com/technology/dns-hijack-compromised-ankrs-services-for-polygon-and-fantom/ ↗Sourced from
slowmist
Technical record
- chain
- polygon
- protocol
- Polygon & Fantom
- bug_class
- infrastructure
- date_occurred
- 2022-07-01
- loss_usd
- —
- source_id
- sm:polygon-fantom::2022-07-01
Related — same bug class· infrastructure