dYdX Details
dYdX
San Francisco, California • 100 employees • Financial Services
https://dydx.exchange/
United States
Industry
Financial Services
Security Incidents
1
dYdX is a decentralized trading platform primarily focused on advanced cryptocurrency financial products. Built on the Ethereum blockchain, dYdX offers users access to perpetual contracts with features that include low trading fees, deep liquidity, and substantial leverage—up to 20 times the buying power. The platform aims to provide a robust and reliable environment for trading complex financial instruments in the crypto space.
Founded to cater to the needs of advanced traders, dYdX has seen various milestones, including the launch of multiple trading pairs and the continuous rollout of plat...
Show more
Security Incidents
dYdX Breach of Jul 2024
Attackers had hijacked the domain to deploy a phishing website, which prompted users to approve transactions that enabled the theft of their valuable tokens. The incident was attributed to a wave of DNS hijacking attacks targeting DeFi platforms, specifically those domains recen...
Show more
The incident is part of a broader wave of DNS hijacking attacks affecting DeFi platforms linked to the Squarespace reg...
Show more
Fortunately, no internal company data, intellectual property, or source code was stolen in this attack. The quick response from...
Show more
Severity Score
Significant
Type
UnknownSummary
On July 23, 2024, the decentralized finance (DeFi) crypto exchange dYdX disclosed that its v3 trading platform's website had been compromised through a DNS hijacking attack. Users were advised to avoid visiting the compromised dydx.exchange site and to refrain from making any transactions until the issue was resolved.Attackers had hijacked the domain to deploy a phishing website, which prompted users to approve transactions that enabled the theft of their valuable tokens. The incident was attributed to a wave of DNS hijacking attacks targeting DeFi platforms, specifically those domains recen...
Show more
Severity
The cyber security incident involving the DeFi exchange dYdX's older v3 trading platform was significant and indicative of a sophisticated attack. The breach resulted from a DNS hijack, allowing attackers to deploy a copycat website that could steal user tokens through fraudulent transactions. Although the smart contracts and funds on the platform remained secure, users were misled into connecting their wallets to a malicious site, posing a substantial threat to their assets.The incident is part of a broader wave of DNS hijacking attacks affecting DeFi platforms linked to the Squarespace reg...
Show more
Impact
The dYdX v3 website experienced a significant cyber incident in the form of a DNS hijack attack. As a result, end-user interactions with the compromised site exposed customer data, especially through a phishing scheme that tricked users into approving malicious transactions via a copycat website. This attack did not take down any critical systems or services, but it did compromise the website's integrity and led to potential phishing attacks targeting users' wallets.Fortunately, no internal company data, intellectual property, or source code was stolen in this attack. The quick response from...
Show more
KEEP YOUR ENVIRONMENT SECURE
Weak credentials are the leading cause of breaches. Beyond Identity can help.
See MFA exploits in action
Watch how adversaries exploit companies in quick videos