Beanstalk Immunefi Committee
Reward 1,000 Beans to the whitehat who reported an issue that could result in takeover of the phoenix.node.bean.money subdomain.
The phoenix.node.bean.money subdomain was pointing to an unclaimed Google Cloud IP address, making it vulnerable to subdomain takeover. This would allow an attacker to potentially phish users by displaying malicious information and/or links at the subdomain.
Remove phoenix.node.bean.money from the Cloudflare DNS settings.
The BIC determined that the impact of this issue is low given that the phoenix.node.bean.money subdomain is not in use (it was an old RPC URL used by Beanstalk Farms for testing) and is easily mitigated.
That said, all bean.money subdomain takeovers were in scope at the time the bug was reported (categorized as High impact). For these reasons, the BIC has determined that this bug report be rewarded 1,000 Beans.
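A defender-side check for the dangling-record condition described above, as an added example that is not part of the original report or of Beanstalk's own tooling: it parses a BIND-style zone export and flags A records whose address is missing from the organisation's inventory of reserved cloud IPs. The zone contents, the inventory and the function names are constructed for illustration.

```python
import ipaddress

# Constructed sample: a BIND-style zone export. Names and addresses are
# illustrative (RFC 5737 documentation ranges), not real records.
SAMPLE_ZONE = """\
$ORIGIN example.org.
$TTL 300
@                 IN A     192.0.2.10
www               IN A     192.0.2.10
old-rpc.node 300  IN A     198.51.100.77 ; test endpoint, VM since deleted
api               IN CNAME www
docs.example.org. IN A     203.0.113.5
"""
# Constructed inventory: addresses currently reserved in the cloud account.
OWNED_IPS = {"192.0.2.10", "203.0.113.5"}

def parse_a_records(zone_text):
    """Return [(fqdn, ip)] for A records; assumes each line names its owner."""
    origin, records = "", []
    for raw in zone_text.splitlines():
        fields = raw.split(";", 1)[0].split()  # drop trailing comments
        if not fields:
            continue
        if fields[0].upper() == "$ORIGIN" and len(fields) > 1:
            origin = fields[1].rstrip(".")
        if fields[0].startswith("$"):
            continue
        name, rest = fields[0], fields[1:]
        # Skip the optional TTL and class columns before the record type.
        while rest and (rest[0].isdigit() or rest[0].upper() == "IN"):
            rest = rest[1:]
        if len(rest) < 2 or rest[0].upper() != "A":
            continue
        if name == "@":
            fqdn = origin
        elif name.endswith("."):
            fqdn = name.rstrip(".")
        else:
            fqdn = f"{name}.{origin}"
        records.append((fqdn.lower(), str(ipaddress.ip_address(rest[1]))))
    return records

def dangling_records(zone_text, owned_ips):
    """A records whose target address is no longer held by the organisation."""
    owned = {str(ipaddress.ip_address(ip)) for ip in owned_ips}
    return [(n, ip) for n, ip in parse_a_records(zone_text) if ip not in owned]

if __name__ == "__main__":
    for fqdn, ip in dangling_records(SAMPLE_ZONE, OWNED_IPS):
        print(f"DANGLING {fqdn} -> {ip}: not in inventory, review or remove")
```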