What a crazy story. I wonder if the attack surface (now burned) was worth six figures.
I don’t know enough about smart contracts to know what makes the C2 domain resolution so easy, but this is pretty gnarly. Supply chain attacks are not going away any time soon.
IFIN is working this, btw. Stay tuned.