Hackers exploited the vulnerability to attack the node infrastructure gateways connecting Polygon and Fantom on Friday. Users gained access to the networks. layer 1 this through the Ankr endpoint. Then a pop-up tricked them into entering the wallet seed phrase.
The hacker sent the message "funds at risk" with a link to a website prompting users to enter the seed phrase. By collecting seed phrases, the hacker accesses the victim's wallet to steal funds.
Ankr provides access to the blockchain Proof-of-Stake through node endpoints, staking services and other products. The protocol is considered an important pillar of the Web3 infrastructure along with other similar projects such as Alchemy and Infura. However, like most node operators, it is a centralized entity owned by the company, not the company. KNIFE.
Anonymous security researcher CIA Officer has alert user about service hack on Twitter today, before Polygon chief information security officer Mudit Gupta notification urge users to use Alchemy or an alternative node provider until the error is fixed.
Gupta then say more Polygon will “work closely with Ankr to ensure this does not happen again” and lay out plans for a decentralized RPC gateway project. Ankr also confirm attack on Twitter, saying it was "investigating a number of reported issues".
The extent of the damage of the exploit attack is unknown, and Ankr has yet to fully report it. In the meantime, the team has directed Polygon and Fantom users to two other alternative RPC endpoints.