Celer Network Attack Is Causing DeFi Chaos Along With Compound Crash
Key Points:
- Celer Network attack is causing users to malicious phishing sites, although the company assures their systems and funds are secure.
- Hackers employed ‘front-end’ attacks by compromising DNS registrars and replacing legitimate websites with fraudulent versions to steal funds.
In a coordinated attack on Thursday, the websites of Celer Network and Compound Finance were compromised, redirecting users to malicious phishing sites.
Celer Network Attack Targeted in Phishing Websites
Celer Network informed its users four hours after the attack, warning them to avoid celer.network and cbridge.celer.network while they investigated a potential DNS domain attack. Despite the Celer Network attack, it assured that their systems and funds remained secure and promised further updates as the situation evolved.
The Celer Network attack used is known as a ‘front-end’ attack, where hackers replace the project’s legitimate website with a fraudulent version. The method does not exploit vulnerabilities in smart contract code but instead targets the domain name service (DNS) registrar. Attackers often use social engineering or financial incentives to compromise the DNS registrar, redirecting users to phishing sites.
Security Flaws in Squarespace Linked to Multiple DeFi Hacks
Security researcher Samczsun and DeFiLlama’s 0xngmi have identified the common link between the affected projects as their use of Squarespace for web hosting. 0xngmi has compiled a list of other potentially at-risk domains, highlighting a broader vulnerability in the DeFi space.
Earlier today, Compound Finance‘s frontend was similarly compromised, leading users to a phishing site at compound-finance.app. Security expert Michael Lewellen noted that this site could drain users’ funds if they interact with it, though the core Compound protocol and user deposits remain unaffected.
These attacks are part of a larger trend where hackers clone original websites, swapping out key elements to execute malicious transactions. These can transfer funds to hacker-controlled addresses or harvest token approvals. Other large DeFi projects using Squarespace, such as Pendle, Karak, Hyperliquid, and dYdX, may also be at risk of similar attacks.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Author
News
Celer Network Attack Is Causing DeFi Chaos Along With Compound Crash
Key Points:
- Celer Network attack is causing users to malicious phishing sites, although the company assures their systems and funds are secure.
- Hackers employed ‘front-end’ attacks by compromising DNS registrars and replacing legitimate websites with fraudulent versions to steal funds.
In a coordinated attack on Thursday, the websites of Celer Network and Compound Finance were compromised, redirecting users to malicious phishing sites.
Celer Network Attack Targeted in Phishing Websites
Celer Network informed its users four hours after the attack, warning them to avoid celer.network and cbridge.celer.network while they investigated a potential DNS domain attack. Despite the Celer Network attack, it assured that their systems and funds remained secure and promised further updates as the situation evolved.
The Celer Network attack used is known as a ‘front-end’ attack, where hackers replace the project’s legitimate website with a fraudulent version. The method does not exploit vulnerabilities in smart contract code but instead targets the domain name service (DNS) registrar. Attackers often use social engineering or financial incentives to compromise the DNS registrar, redirecting users to phishing sites.
Security Flaws in Squarespace Linked to Multiple DeFi Hacks
Security researcher Samczsun and DeFiLlama’s 0xngmi have identified the common link between the affected projects as their use of Squarespace for web hosting. 0xngmi has compiled a list of other potentially at-risk domains, highlighting a broader vulnerability in the DeFi space.
Earlier today, Compound Finance‘s frontend was similarly compromised, leading users to a phishing site at compound-finance.app. Security expert Michael Lewellen noted that this site could drain users’ funds if they interact with it, though the core Compound protocol and user deposits remain unaffected.
These attacks are part of a larger trend where hackers clone original websites, swapping out key elements to execute malicious transactions. These can transfer funds to hacker-controlled addresses or harvest token approvals. Other large DeFi projects using Squarespace, such as Pendle, Karak, Hyperliquid, and dYdX, may also be at risk of similar attacks.
| DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Other Posts
Related Posts
News
MicroStrategy Bitcoin Investment Will Be Boosted With $2 Billion Share Offering Plan
News
Layer 2 Starknet Discord Server Has Been Hacked, Users Are Now Being Warned
News
Former President Donald Trump Outlines Pro-Bitcoin Strategy at 2024 Nashville Conference
News
Hamster Kombat Players Exceed 300 Million, 60% of Airdrops Will Be Dedicated
Press Releases
PlayDoge ICO Raises $5.7 Million: Analyzing Why Investors Are Taking Notice
News
Hamster Kombat’s Token Will Launch on TON Blockchain With Breakthrough Milestones
Latest
The 5 Trending Crypto Presales to Watch In 2024 For Greater Profits
The Top Crypto Presale Website Wings Higher with the Orange Flag
CFTC Investigates Ben Armstrong Former Company Over Alleged Meme Coin Scam
Press Release
The 5 Trending Crypto Presales to Watch In 2024 For Greater Profits
The Top Crypto Presale Website Wings Higher with the Orange Flag
