
If target (a crypto wallet website) has both DNS authoritative with DNSSEC and the website, you should be able to detect a change in signing as being invalid.

Key thing, though, is that the authoritative DNS server must also reside on the web server.

And gotta turn that DNS cache off or keep TTL short.



No. DNS was not affected by the attack. DNSSEC verifies that the contents of the DNS responses were not altered or spoofed. During this attack, the DNS records were left alone. The DNS response returned the real IP addresses in response to queries and the DNSSEC signature would still be valid.

The IP addresses themselves were hijacked. DNS has no authority over IP addresses so DNSSEC would be pointless.


No DNS records were changed. They literally tricked IP routes so users received traffic from malicious servers.

Nothing to do with DNS, which translates names to IPs.



