On September 18, 2024, Ethena Labs experienced a front-end attack after hackers compromised its domain registrar, enabling the redirection of users to fraudulent websites. Ethena Labs swiftly took its website offline to prevent further damage, reassuring users that no customer funds were affected and that the Ethena protocol remained secure.
The company urged its users to avoid interacting with any website or application claiming to be Ethena until the issue was resolved. Security firms such as Blockaid issued warnings, advising users to immediately disconnect their wallets and refrain from signing any transactions during the attack. Additionally, MetaMask flagged Ethena’s site as deceptive due to the risk of phishing attempts targeting user credentials.
Despite the breach, Ethena Labs emphasized that the underlying blockchain technology and its protocol were not impacted, underscoring that all user funds remained safe. This event highlights the growing trend of front-end attacks in the decentralized finance (DeFi) space, where hackers exploit vulnerabilities in traditional web2 services, such as domain registrars, to target web3 platforms.
Ethena Labs continues to work on restoring its website and strengthening its security to prevent future attacks of this nature.