A tweet from Dominic Alvieri, a cybersecurity analyst and security researcher, sent shockwaves through the crypto community as it claimed that the Ethereum Name Service (ENS) had fallen victim to a breach, resulting in data being dumped by SiegedSec.
Launched in 2017 by Nick Johnson, Ethereum Name Service, a distributed and decentralized naming system operating on the Ethereum blockchain, simplifies complex identifiers, such as lengthy hexadecimal strings and crypto wallet addresses, into more readable and user-friendly wallet names.
ENS serves the purpose of facilitating the sharing and memorization of Ethereum blockchain addresses.
Rather than sharing a convoluted address like “0x4h42j34298sd68” for receiving payments on your Ethereum wallet, ENS enables the purchase of human-readable domain names, like “johndoe.eth,” making it significantly easier to remember and utilize addresses within the Ethereum ecosystem.
Amid initial skepticism about Dominic’s warning, with questions raised about the dumping of already public data, another tweet from @officer_cia, a threat researcher, provided evidence of SiegedSec’s announcement about the hack through its Telegram channel.
The message from SiegedSec revealed their acquisition of data from three databases, including that of Ethereum Name Service.
“~mmmmm yummm, Siegedsec brings to you the goodies of 3 databases coming from Ethereum Name Service, The-people fitness, & TMS or The Masonry Society. well over 10GB included here !!!!!!!1!!1!”
The group ascertained that the data trove exceeded 10GB and contained sensitive information, including usernames, hashed passwords, authentication access tokens, LockLizard account details, and more.
As the crypto community grappled with the implications of this data breach, questions arose about the nature of the downloaded data and whether it was publicly scraped information.
Some members intended to examine the data more closely. Regardless, cautionary advice was circulated to change passwords and cross-verify the configuration of ENS settings, ensuring that resolved addresses remained intact.
SiegedSec’s Attempt to Hack Ethereum Name Service (ENS) Fails; Data Found to be Non-Sensitive
Following thorough examination by several members, it has been unequivocally established that the data claimed to be “hacked” by SiegedSec contains only Ethereum Name Service (ENS) names.
Additionally, the hash mentioned is merely the hexadecimal representation of the token ID.
To summarize, this incident does not constitute a leak of sensitive or private information. The data alleged “leaked” appears to be on a public database.
Since Russia invaded Ukraine and the ensuing global cyber war, many new offensive cyber cells emerged. While some are strictly hacktivist, targeting entities in Russia, others exploit the momentum of the cyber onslaught for more sinister and self-serving cybercriminal activities.
Among them is SiegedSec, a cyber cell led by the prominent hacktivist YourAnonWolf. It has significantly amplified its impact by claiming many victims in recent months.
Since its emergence in late February 2022, SiegedSec has demonstrated its capability to deface and compromise numerous websites, and databases, especially government-owned ones.
These defacements have been marked by juvenile and crude language and graphics.
In April 2022, SiegedSec boldly declared they had successfully defaced over 100 domains. They provided evidence through a hosting chat dialogue, revealing that account passwords had been altered and the defacements rectified.
However, they subtly hinted that they retained access to these domains.
While SiegedSec is known for its notorious activities in the centralized sector, its effort to hack into Ethereum Naming System, a decentralized platform backed by the Ethereum blockchain, is a failure.