Key Takeaways:
The DNS registrar for eth.limo, a widely used gateway for the Ethereum Name Service (ENS), was attacked on April 18, 2026, prompting a security alert from Ethereum co-founder Vitalik Buterin.
"The DNS registrar for eth.limo was attacked," Buterin stated, advising users to "temporarily stop accessing vitalik.eth.limo or other eth.limo pages." He recommended users switch to alternative gateways or access content directly via IPFS until the issue is resolved.
Eth.limo acts as a bridge, allowing users to access ENS domains—which are decentralized and stored on the Ethereum blockchain—through traditional web browsers. The security breach occurred at the DNS registrar level, a centralized point of failure, rather than on the decentralized ENS protocol itself. This vulnerability could allow attackers to redirect traffic to malicious sites, posing a significant phishing and asset theft risk to users attempting to access legitimate .eth domains.
The attack underscores the persistent challenges of integrating decentralized technologies with legacy internet infrastructure. While ENS offers a censorship-resistant and user-owned naming system, its accessibility often relies on centralized gateways like eth.limo. The incident may lead to a temporary loss of confidence in such services and push for more robust, decentralized alternatives for accessing Web3 domains. It serves as a critical reminder for users to verify the integrity of the sites they connect to, especially when interacting with crypto wallets.
This article is for informational purposes only and does not constitute investment advice.
