Decentralized exchange OpenLedger’s access portals (https://openledger.info/ and https://openledger.io/welcome) have reportedly been compromised by a phishing attack. In a blog post by the OpenLedger team posted on June 2, users are warned that “it’s not secure to use OpenLedger domain even if it’s URL is highlighted as trusted at that moment,” and are instead advised to “please use only bitshares domain https://wallet.bitshares.org.”
A Medium post describing what happened declared that “our GoDaddy’s account was hacked and openledger.io and openledger.info domains are now controlled by malicious individuals. Attempting to obtain login credentials of OpenLedger DEX users, they used these domains to set up a phishing site with an interface extremely similar to the exchange’s original one.”
Pleas read carefully – the latest update from our team:
OpenLedger DEX Update: All OPEN.Asset Activities Suspended Until We Regain Access to Our GoDaddy’s Accounthttps://t.co/i3ZS0P7KpZ#OpenLedger #bitshares #security
— OpenLedger (@OpenLedgerDEX) June 4, 2018
Resolution Will Take “Some Time”
The post went on to explain that together, OpenLedger’s attorneys and GoDaddy’s representatives are working on finding a solution. However, “due to GoDaddy’s complex legal rules, the resolution of the issue may require some time.” The meaning of “some time” was not specified. However, until the matter is resolved, “trading, withdrawals, deposits, and transfers of all the OPEN. assets will be suspended.”
While users have been advised to use the market.rudex.org and wallet.bitshares.org domains to access OpenLedger. Even though BitShares has not been directly affected by the phishing attack, users have been told to avoid making deposits or withdrawals.
New Economic Calendar Feature Added to FBS Personal Area and AppsGo to article >>
Users who fear that their accounts have been compromised are advised to submit a support ticket at openledger.freshdesk.com and to change their BitShares key on wallet.bitshares.org.
The exchange originally suspended all deposits and withdrawals on June 2nd after learning of a problem:
Dear OpenLedger Users,
all deposits/withdrawals and https://t.co/jjE9yCMW0s domains are temporary closed, until circumstances are clarified.
Our technical department is working hard to open it as soon as possible.https://t.co/D8yzpHUXNZ
— OpenLedger (@OpenLedgerDEX) June 2, 2018
Phishing attacks remain a complex and dangerous issue within the crypto space. Earlier this year, MyEtherWallet was the victim of a phishing attack that resulted in the theft of 515 ETH.