Back
Vitalik Buterin Warns Users Away From eth.limo After DNS Registrar Attack

Vitalik Buterin Warns Users Away From eth.limo After DNS Registrar Attack

EasyDNS states the eth.limo incident resulted from a social engineering breach of its own systems, briefly giving an attacker control of a key ENS web gateway before service was restored.

ETH
ENS

Fact Check
The claim has two parts: first, that Vitalik Buterin warned users away from eth.limo during a DNS registrar attack; second, that ETH.LIMO later said service had resumed and returned to team control. The fetched article 'eth.limo DNS was attacked, Vitalik suggested pausing access and switching to IPFS' supports the first part by explicitly stating that Vitalik advised users not to visit vitalik.eth.limo or related eth.limo pages temporarily. The fetched article 'ETH Limo Warns of DNS Registrar Attack, Advises Caution' supports the broader incident description and says ETH Limo told users to avoid the site until normal operations resumed, implying a temporary outage and restoration process. However, I was not able in this run to fetch a direct primary post from Vitalik or a direct official recovery statement from ETH.LIMO confirming the exact phrase 'returned to team control,' so the wording is not fully verified at primary-source level. Still, the available corroboration aligns well with the substance of the statement.
    Reference
Summary

eth.limo’s April 17 outage and security incident was caused by a social engineering attack against registrar EasyDNS, which the company says led to a failure in its own internal systems and briefly allowed an attacker to take control of the domain. The affected service was eth.limo, a major web gateway for the Ethereum Name Service, rather than the ENS protocol itself. Earlier reporting said the attacker attempted DNS changes but DNSSEC blocked unauthorized record modifications because the eth.limo signing key was not compromised. The service was later restored, and prior statements indicated that core ENS infrastructure and eth.link were not affected.

Terms & Concepts
  • DNSSEC: Domain Name System Security Extensions use cryptographic signatures to help resolvers detect and reject unauthorized or tampered DNS records.
  • Ethereum Name Service: A blockchain-based naming system that maps readable .eth names to wallet addresses, websites, and other resources.
  • eth.limo: A web gateway that lets standard browsers access content linked to ENS names without requiring native ENS support.