Ordswap urges users to retrieve keys after losing control of the website
Ordswap, a marketplace that allows users to write, sell and trade Bitcoin Ordinals, has created a mechanism for users to extract their private keys as it attempts to regain control of the website's domain.
In an October 10 X (Twitter) post, the Ordswap X account shared an online tool to help users who logged into the site through MetaMask recover their Ordswap private keys, allowing them to transfer to other providers.
The source for Metamask users to get the key is now available below. You can import to Unisat (hex). https://t.co/NGaaLiNNwW
— Ordswap (@ordswap) October 10, 2023
Hours ago, on October 9, Ordswap issued a stern warning to its users not to connect to the domain as they do not control it. He linked the case to Netlifi, a website development and hosting company.
We are working on publishing the source to get a key for Metamask users if they haven't found their key. The issue seems to be with Netlify, but we are still working on it. https://t.co/uYGxJkzGfj
— Ordswap (@ordswap) October 9, 2023
A member of the Ordwap team and users on the project's Discord server have reported that for some time, the website has displayed a button that prompts users to link their crypto wallets in an apparent attempt to trick users.
An X user reported that the key is a wallet drain. As of this writing, Ordswap's website has been moved directly to a competing marketplace, RelayX.
A member of the Ordswap team on Discord said the project did not see any impact on user private keys or assets as a result of the breach, but said users could be compromised if they connect to the site.
Related: FTX Hacker May be Using SBF Test as Smoke Screen: CertiK
In late September, the website of Ethereum-based automated market maker Balancer was compromised in a seemingly similar attack, with attackers making off with nearly $240,000.
Balaner later said he believed the exploiters had carried out a social engineering attack against DNS service provider EuroDNS, which allowed attackers to trick users into approving malicious contracts that destroyed their wallets.
Collect this article as an NFT to preserve this in history and show your support for free journalism in the crypto space.
Magazine: NFT Collector: Giant Swan Gothic VR Dream Visions… Royalty Fantasy on OpenSea
