Futures
Access hundreds of perpetual contracts
TradFi
Gold
One platform for global traditional assets
Options
Hot
Trade European-style vanilla options
Unified Account
Maximize your capital efficiency
Demo Trading
Introduction to Futures Trading
Learn the basics of futures trading
Futures Events
Join events to earn rewards
Demo Trading
Use virtual funds to practice risk-free trading
Launch
CandyDrop
Collect candies to earn airdrops
Launchpool
Quick staking, earn potential new tokens
HODLer Airdrop
Hold GT and get massive airdrops for free
Pre-IPOs
Unlock full access to global stock IPOs
Alpha Points
Trade on-chain assets and earn airdrops
Futures Points
Earn futures points and claim airdrop rewards
EasyDNS Admits Responsibility After Social Engineering Attack Briefly Hijacks eth.limo
eth.limo was briefly hijacked after an attacker used social engineering to trick registrar EasyDNS into initiating an account recovery.
EasyDNS said the incident was its first successful social engineering breach in 28 years and accepted responsibility for the compromise.
The registrar, not the protocol, became the weak point.
Ethereum Name Service gateway eth.limo was briefly hijacked late Friday after an attacker impersonated a team member and convinced the registrar, EasyDNS, to initiate an account recovery process, according to post-mortems published by both the project and EasyDNS chief executive Mark Jeftovic.
A registrar recovery flow became the entry point
The timeline was tight, but not trivial. At 7:07 p.m. EDT on April 17, the attacker reportedly contacted EasyDNS while posing as a member of the eth.limo team. That led to the registrar initiating an account recovery flow. Hours later, at 2:23 a.m. EDT on April 18, the attacker changed the domain’s nameservers to Cloudflare, triggering automated downtime alerts that woke the eth.limo team.
The nameservers were switched again at 3:57 a.m. EDT, this time to Namecheap, before EasyDNS restored account access to the legitimate team at 7:49 a.m. EDT.
That sequence matters because the compromise did not begin with a smart contract exploit or a wallet breach. It began with a support process. In crypto, that distinction keeps coming up. The code can be sound, but the surrounding infrastructure, domains, registrars, email flows, support desks, still carries old internet risks.
The potential blast radius was much larger than one website
eth.limo is not a niche domain redirect. It acts as a free, open-source reverse proxy that allows standard browsers to access ENS-linked content stored on IPFS, Arweave or Swarm by appending “.limo” to a .eth name.
Its wildcard DNS record, *.eth.limo, covers roughly 2 million ENS domains. That meant a successful hijack could have redirected traffic for any .eth page accessed through the gateway, including Vitalik Buterin’s blog at vitalik.eth.limo, toward phishing infrastructure.
EasyDNS said it accepts responsibility for what it described as its first successful social engineering breach in 28 years. For ENS users, the incident is another reminder that decentralization often still depends on very centralized pieces of plumbing, and when one of those pieces slips, the consequences can scale fast.