Ordswap, a marketplace that facilitates the inscription, auction, and trading of Bitcoin Ordinals, has found itself in a precarious situation as it works to regain control of its website domain. In response to the domain issue, the platform has devised a method to assist users in recovering their private keys.
On October 10, the Ordswap X Twitter account shared an online tool aimed at helping users who had logged into the platform through MetaMask to retrieve their Ordswap private keys. This would enable them to migrate to alternative service providers. The move came after Ordswap issued a warning on October 9, cautioning users against connecting to its domain due to a loss of control. The blame was placed squarely on Netlify, a website development and hosting company.
Reports emerged on Ordswap’s Discord server indicating that, at one point, the website featured a button urging users to connect their cryptocurrency wallets, seemingly in an attempt to phish unsuspecting users. One user on the platform reported that the button functioned as a wallet-draining tool, which has become increasingly popular among crypto scammers. Currently, Ordswap’s website automatically redirects users to a rival marketplace called RelayX.
Despite the domain breach, an Ordswap team member on Discord stated that there had been no reported impact on user private keys or assets. However, the possibility of user compromise remained for those who interacted with the site. This incident bears similarities to a late September attack on the website of the Ethereum-based automated market maker, Balancer, where attackers managed to make off with approximately $240,000 worth of funds.
Balancer later revealed that it believed the attackers had executed a social engineering attack on its DNS service provider, EuroDNS. This allowed the attackers to input a prompt designed to trick users into approving a malicious contract, ultimately draining their cryptocurrency wallets.
The incident highlights the ongoing need for heightened vigilance and security measures in the cryptocurrency space, as cyberattacks continue to pose significant risks to users and platforms alike.
