Web 2 problems for Web 3 projects
“People fear the new and unknown. They prefer the old, the known, and checked truths. They are afraid of what the new can bring to them. They are afraid that they can lose what they have.”
GoDaddy, the company responsible for registering Web 2 domain names and web hosting, was attacked by cybercriminals with extensive knowledge of decentralized finance (DeFi). Protocols such as SpiritSwap, QuickSwap, and Dextools were targeted, and users’ funds were stolen. In SpiritSwap’s particular case, hackers modified the interface to divert the users’ funds to their crypto wallets.
On the other hand, hackers also targeted CoinGecko and Etherscan and gained access to these apps via this centralized service. On May 13th and 14th, hackers injected a malicious script through advertising via Coinzilla, an advertising network focused on digital finance and cryptocurrencies, and managed to attack them.
By the end of 2021, an attack similar to the previously mentioned was discovered: a group of hackers cracked the front-end of BadgerDAO and injected a malicious script that tricked the protocol's users into granting permission to access their funds. According to data provided by Peckshield, an auditing firm for smart contracts, the total sum they succeeded in stealing was USD 120 million.
For instance, if decentralized finance protocols and decentralized autonomous organizations continue to employ centralized services for web hosting, these attacks will only take place more frequently.
Behind these centralized integrations, cybercriminals find a pool of vulnerabilities to steal funds and corrupt every creation whose intention is to be decentralized.
Undoubtedly, it is our belief that Web 3 fosters a completely sovereign and free future characterized by collective ownership and digital property, as this third generation of the Internet gives people all the ownership rights they forfeited with Web 2 by means of technology companies, and now everyone is able to own a part of the Internet. Nevertheless, there is still widespread resistance to new tools born in this new era that help end these types of scourges forever.
Preventing these attacks
The good news is that there are already hundreds of developers building over Web 3 with the aim of abandoning the old companies we all are familiar with and with which we fully trust to create, host, improve and maintain web applications.
For example, in the particular cases of GoDaddy, a traditional company that acquires and registers domains on the Internet, what occurred could have been avoided by resorting to Handshake (HNS). This censorship-resistant naming protocol stores Top Level Domain (TLD) ownership data in its blockchain, thus eliminating the need for authorities such as the ICANN or domain lenders.
Within Handshake, there is a consensus protocol that replaces the ICANN root servers with an authoritative name server committed to the blockchain. It is worth noting that since Handshake is akin to the legacy record system DNS, developers can also direct their customized HNS domain to Media Network’s .dcdn resources. Read more about our Handshake integration here.
On the other hand, BadgerDAO could have prevented the loss of USD 120 million if they had employed a decentralized CDN such as Media Network, which enables the use of multi-sig so as to prevent the theft of the administrator account and the injection of the malicious code into the front-end. More info here.
About Media Network
Media Network is a protocol that foregoes traditional centralized CDN approaches and opts for a self-governed, community-powered alternative. We’ve created a decentralized bandwidth market that enables anyone to hire or provide resources from the network as the demand for last-mile content delivery fluctuates.