EasyDNS has admitted responsibility for the hijacking of eth.limo, citing the company's first social engineering attack in its 28-year history.

BlockBeats News, April 20, according to The Block, the Ethereum Name Service (ENS) gateway eth.limo was briefly hijacked at its domain registrar on Friday night. The project team stated in a post-incident analysis report released on Saturday that the event was due to a social engineering attack.

Based on the post-incident report and another blog post by Mark Jeftovic, on April 17 at 7:07 p.m. Eastern Time, the attacker impersonated a member of the eth.limo team to deceive the domain registrar EasyDNS into initiating an account recovery process.

The timeline shows that the attacker switched eth.limo's domain servers to Cloudflare at 2:23 a.m. on April 18, triggering an automatic downtime alert and alerting the eth.limo team. Then, at 3:57 a.m., the domain servers were switched back to Namecheap. Finally, EasyDNS restored the team's account access at 7:49 a.m.

eth.limo is a free, open-source reverse proxy service that allows users to access content associated with Ethereum Name Service and hosted on IPFS, Arweave, or Swarm by adding ".limo" to any .eth domain, enabling access in a regular browser. According to data cited by EasyDNS, its wildcard DNS record *.eth.limo covers approximately 2 million .eth domains registered through ENS.