Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
Promotions
AI
Gate AI
Your all-in-one conversational AI partner
Gate AI Bot
Use Gate AI directly in your social App
GateClaw
Gate Blue Lobster, ready to go
Gate for AI Agent
AI infrastructure, Gate MCP, Skills, and CLI
Gate Skills Hub
10K+ Skills
From office tasks to trading, the all-in-one skill hub makes AI even more useful.
GateRouter
Smartly choose from 30+ AI models, with 0% extra fees
The DeFi protocol Aerodrome recently suffered a major setback. Their centralized domain name was hit by a DNS attack, and what’s even more outrageous is that the attack came from an insider at NameSilo, who directly bypassed 3DNS’s multisig security mechanism and redirected users to a phishing page.
This operation ultimately caused users to lose around $700,000. Once again, this incident proves that decentralized applications still rely on centralized domain service providers, which is a significant vulnerability. In the security architecture of on-chain dApps, domain-level protection clearly needs a much stronger solution.
When accessing DeFi protocols, users should always double-check the website and contract addresses—a little extra caution can be a lifesaver.
---
700,000 just disappeared like that; the domain service provider is indeed a dead end.
---
Speaking of which, one must be vigilant; phishing sites are hard to defend against.
---
The internal personnel committing crimes is the most ridiculous; all the multi-signature talk is pointless.
---
Decentralization has been shouted for so long, but it's stuck on traditional infrastructure like domains.
---
If this guy had checked the address bar, he might not have lost 700,000.
---
NameSilo's reputation has completely collapsed this time; it feels like no one will trust them anymore.
---
Checking URLs is actually a classic method that can really save lives, ironic.
---
Insiders are even more fierce than hackers; it's impossible to guard against them.
---
Another Web3 security disaster scene; how are there still so many people stepping into the pit?
Based on the data analysis of previous domain hijacking cases, the reason why the success rate of such attacks is so high fundamentally lies in the excessive reliance of on-chain applications on centralized infrastructure. The fact that NameSilo employees directly overstepped their authority reveals a deeper issue—single point of failure in access control.
It is recommended that on-chain projects seriously study the ENS solution. Although it is not perfect, it at least moves domain resolution authority one step onto the chain. A loss of $700,000 is indeed heart-wrenching, but in the long run, promoting the standardization upgrade of the industry in terms of domain security makes this cost worthwhile.
---
700,000 gone... this is the cost of trusting centralization, so frustrating.
---
They promised decentralization, but it's still stuck at DNS? Laughing to death, you can't escape the trap of centralization at all.
---
Damn, this operation, internal staff acting directly? What was the security audit doing?
---
In terms of domains, this is indeed the Achilles' heel of Decentralized Finance, we need to find a way to go on-chain.
---
Can't even save bookmarks? Have to verify the contract address every time, so annoying.
---
Aerodrome stumbled, other projects should reflect on this, everyone should check their domain security.
---
Multi-signature was breached by an insider, now it's defenseless.
---
No wonder pros say DeFi is still in its early stages, there are still a bunch of vulnerabilities.
---
The key issue is how users can distinguish between real and fake websites? Isn't this just letting newbies lose money?
---
700,000 is gone, I just want to ask who is going to compensate?
---
With both DNS and multi-signature, it still boils down to the fault of centralization.
---
Verifying URLs is an outdated trick; we really need to think of ways to block it at the source.
---
Insiders at NameSilo have completely broken through defenses; this level of trust... never mind.
---
It’s always like this, dApps shout about Decentralization, but in the end, domain names still rely on centralized guardians.
---
It’s hard to defend against; phishing pages are so well made that even I can’t tell the difference.
---
If triple DNS and multi-signature can't prevent insiders, then what’s the point of multi-signature?
---
This shows that there are pitfalls everywhere in the ecosystem; we have to keep our eyes wide open.
---
Centralized domain names are the Achilles' heel of Web3; whoever solves it wins big.
---
$700,000 just disappeared like that, trust issues are the most fatal
---
I've said it countless times, don't click on strange links, but some people just don't listen
---
The security vulnerabilities in the domain name area really need to be taken seriously, otherwise decentralization is pointless
---
Internal personnel committing crimes? That's too much, who can defend against that
---
If multi-signature can be bypassed, then security measures are essentially useless
---
Phishing pages are so easy to fall for, users need to be more vigilant
---
This incident shows that dApps still need to be optimized, we can't just rely on domain names for sustenance
---
An insider at NameSilo directly bypassed the multi-signature... what happened to Decentralization?
---
700,000 just disappeared like that; the domain name space is indeed a dead spot.
---
I just want to know, what is the point of multi-signature if it can be bypassed internally?
---
I've said it before, the joke is that decentralized applications cannot exist without centralized infrastructure.
---
Checking the URL before accessing DeFi is too low-level; the technical solution is fundamental.
---
This incident has completely damaged NameSilo's reputation, and the trust in the whole industry has declined.
---
Centralized domain names are the cancer of web3; when can this be solved on-chain?
---
700,000 USD, bro; this phishing attempt is really harsh.
---
Insiders are scarier than Hackers; multi-signature is practically useless.
---
The domain name aspect is indeed the Achilles' heel of Web3, what’s the point of decentralization?
---
Where’s the multi-signature we talked about? In the end, it still can’t prevent internal personnel, it’s really a human issue.
---
Now even DNS isn’t safe, I truly don’t know what to trust anymore, maybe building my own Node is more secure.
---
That’s why I have to manually verify contract addresses every time, it’s a hassle but at least it gives me peace of mind.
---
Ngl, this incident really broke my defenses, NameSilo's reputation is completely tarnished now.
---
$700,000... Someone has gone bankrupt because of this, just thinking about it makes me feel awful.
---
So we still have to use ENS, a truly decentralized solution, but why is it so troublesome to use?
---
Insiders are even more ruthless than hackers, multi-signature is practically useless in the face of internal corruption.
Regarding the insider at NameSilo, 700,000 USD just disappeared like that, really interesting. Centralization has always been a source of concern.