coinedition.com
On April 18, 2026, Vitalik Buterin warned users of a Domain Name System (DNS) registrar attack on eth.limo, advising against visiting vitalik.eth.limo or other eth.limo pages until security is restored. Buterin provided a direct InterPlanetary File System (IPFS) link to access his blog safely, bypassing the DNS vulnerabilities in Ethereum Name Service ($ENS) related services.
Vitalik Buterin Warns of eth.limo DNS Attack
On April 18, 2026, Ethereum co-founder Vitalik Buterin issued a public warning on X about a Domain Name System (DNS) registrar attack targeting eth.limo, a popular open-source gateway service that helps users access Ethereum Name Service ($ENS) content through standard web browsers by routing decentralized content.
Buterin stated, “The kind people at @eth_limo have warned me that there has been an attack on their DNS registrar.
So please do not visit https://vitalik.eth.limo/ or other https://eth.limo/ pages until they confirm that things are back to normal.” He recommended accessing his blog safely via a direct InterPlanetary File System (IPFS) link as a workaround while the issue is resolved.
Hijacked Registrar Redirects $ENS Traffic to Phishing Sites
The eth.limo DNS attack occurred because the service relies on a centralized domain registrar to manage its DNS records. Attackers compromised the eth.limo team’s account at this registrar, gaining full control over DNS settings for the main domain and all *.eth.limo subdomains. This classic hijacking method allowed traffic to be redirected without affecting the Ethereum blockchain or the $ENS protocol.
eth.limo functions as a convenient gateway that translates $ENS names into standard HyperText Transfer Protocol Secure (HTTPS) links for ordinary browsers. This bridge creates a single point of failure as the centralized DNS layer remains vulnerable even as the underlying Web3 infrastructure stays secure and immutable.
The eth.limo team quickly confirmed the breach, stating: “our domain appears to have been compromised and the eth.limo domain has been hijacked. We’re actively working with all parties involved to assess the situation and remediate the problem.”
What’s the Impact on Web3 Infrastructure?
While the core $ENS protocol on Ethereum and the underlying IPFS data remain fully secure and immutable, the attack has exposed the fragile bridge many rely on for seamless Web3 navigation. This attack has forced users to switch to direct IPFS links and alternative gateways.
The attack highlights Web3’s reliance on centralized DNS registrars for gateways like eth.limo, creating single points of failure that enable phishing redirects and increasing calls for $ENS and IPFS adoption.
Furthermore, broader implications could include slower mainstream $ENS adoption, reduced trust in gateway services, and a shift toward Web3 identity. Community discussions emphasize accelerating fully decentralized access methods, such as local nodes or browser integrations, to minimize reliance on centralized infrastructure.
Therefore, until these gaps are addressed, hybrid systems may continue exposing users to DNS-based risks, reinforcing the need for stronger security practices at every layer of the decentralized web stack.
Related: CwSwap Breach Triggers Alert as Blockaid Flags Critical Flaw