Bitcoin casual marketplace Ordswap has been hit by a phishing attack
Bitcoin ordinals marketplace Ordswap has lost control of its official domain, and has temporarily suspended operations as a result.
On October 9, the Ordswap team notified users that they had taken control of their public domain.
The group issued this message in a post on XPlatform (formerly Twitter), warning users to “not connect to the Ordwap domain. We are not currently controlling the domain.”
The marketplace has not released a full incident report detailing the cause and extent of the incident. But it is speculated that the issue may be from the web hosting company Netlify.
Users of the marketplace's Discord server have complained about a license key being dumped on the Ordswap website to carry out a phishing attack.
A user on X called the key a “wallet leaker” — a tool favored by crypto hackers that tricks victims into signing malicious transactions.
Ordswap plans to retrieve users' keys.
In a recent update, Ordswap introduced a solution that helps users recover their private keys while actively working to control the website's domain.
On October 10, the platform took to Twitter to announce an online tool designed to help users who used MetaMask access the platform while recovering their Ordswap private keys.
This tool allows users to securely transfer their assets to alternative service providers. Ordswap was launched in 2023 as a trustless marketplace for trading Bitcoin Ordinals.
A recent incident highlights the rise of phishing attacks in recent years.
On September 20, 2023, when Balancer fell victim to a similar attack, approximately $240,000 in property was stolen.
Balance suspects that the attackers carried out a social engineering attack against DNS service provider EuroDNS.
This allowed the attackers to issue a deceptive request, tricking users into authorizing a malicious contract that withdraws funds from their wallets.
However, a few hours later, the automated marketer announced that they had successfully resolved the issue, and the domain was back under their control.
