Hackers Seize 100 Abandoned DeFi Protocols

Cybercriminals are seizing domains of abandoned DeFi protocols en masse to deceive users and steal their cryptocurrency, according to cybersecurity firm Coinspect. 

Hackers exploit old domains of inactive dapps, which are still mentioned on well-known platforms like DeFi Llama and DappRadar or in the news. After taking over, the cybercriminals inject malicious code and alter the site’s content.  

“Unlike typical phishing attacks, there is no need for spam emails or social engineering. Users can land on a malicious site by following a link from an old video or through a DeFi aggregator,” experts noted. 

Experts have identified 100 such domains, with another 475 at risk. 

One example is the blockchain platform Astar Exchange, which held $3.5 million. The platform ceased operations in February 2024, and the project’s domain name expired in April 2025. 

In July, the Astar domain was re-registered, Coinspect analysts told DLNews. On the homepage, the attackers posted a phishing notice offering to withdraw funds from the platform. Users lost cryptocurrency by clicking on the link in this publication. 

Similar incidents occurred with projects ADAO, Andromeada, and Ladex Exchange. Experts are still unsure who is behind the attacks. The exact amount stolen is also difficult to assess, as hackers frequently change wallet addresses. 

How to Protect Yourself?

Experts recommend that projects renew domains even after closure, post warnings about ceasing operations, and notify analytical platforms. 

Users should: 

• verify the validity of links;
• avoid signing transactions on suspicious sites;
• use wallets with protection against fraudulent domains. 

According to Coinspect experts, the attacks are currently relatively primitive. However, they warned: 

“If attackers complicate their methods (for example, by restoring the projects’ social media), detecting the forgery will become much more difficult.” 

Back in January, CertiK experts reported on the growing threat of phishing.