Celer Network Attack Is Causing DeFi Chaos Along With Compound Crash
Key Points:
Celer Network informed its users four hours after the attack, warning them to avoid celer.network and cbridge.celer.network while they investigated a potential DNS domain attack. Despite the Celer Network attack, it assured that their systems and funds remained secure and promised further updates as the situation evolved.
The Celer Network attack used is known as a ‘front-end’ attack, where hackers replace the project’s legitimate website with a fraudulent version. The method does not exploit vulnerabilities in smart contract code but instead targets the domain name service (DNS) registrar. Attackers often use social engineering or financial incentives to compromise the DNS registrar, redirecting users to phishing sites.
Security researcher Samczsun and DeFiLlama’s 0xngmi have identified the common link between the affected projects as their use of Squarespace for web hosting. 0xngmi has compiled a list of other potentially at-risk domains, highlighting a broader vulnerability in the DeFi space.
Earlier today, Compound Finance‘s frontend was similarly compromised, leading users to a phishing site at compound-finance.app. Security expert Michael Lewellen noted that this site could drain users’ funds if they interact with it, though the core Compound protocol and user deposits remain unaffected.
These attacks are part of a larger trend where hackers clone original websites, swapping out key elements to execute malicious transactions. These can transfer funds to hacker-controlled addresses or harvest token approvals. Other large DeFi projects using Squarespace, such as Pendle, Karak, Hyperliquid, and dYdX, may also be at risk of similar attacks.
DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing. |
Coinbase subpoena request was limited to SEC Chair Gary Gensler, focusing only on his communications…
Ethereum ETF trading might commence on Tuesday, July 23, following the ETFs' effectiveness on Monday.
Moku, a Quest to Earn platform on Ronin, rewards users for task completion. A big…
The meme coin ShibaShootout ($SHIBASHOOT), themed around the Wild West and Shiba Inu, has surpassed…
This momentous event is sending shockwaves through the political sphere and has significant implications for…
BlackRock CEO Larry Fink now sees Bitcoin as "digital gold" and a legitimate financial asset.
This website uses cookies.