News

Compound Security Breach Has Now Been Fixed

Key Points:

Compound security breach has now been fixed after a phishing attack caused risks to user data and assets.
Compound Labs restored security to the compound.finance site and advised users to verify URLs to avoid fraudulent sites.
The incident highlights ongoing security challenges in DeFi, possibly due to registrar vulnerabilities.

Compound Labs has successfully restored the compound.finance website’s security following a phishing incident that compromised its frontend.

Compound Security Breach: Phishing Attack Targets User

Users are urged to ensure they are visiting the correct website by checking the URLs: “compound.finance,” “app.compound.finance,” or “compoundlabs.xyz.” Any deviation from these URLs may lead to a fraudulent site.

The incident, confirmed by Michael Lewellen, the Compound’s Security Advisor, involved a sophisticated phishing attack where the legitimate site was replaced with a malicious counterpart. Despite the Compound security breach, its smart contract funds remain secure.

Security experts like ZachXBT and members of the Compound Finance team have cautioned users against interacting with the compromised site to avoid potential data and asset losses.

DeFi Security Concerns Amplified by Domain Hijacking Incidents

Compound Finance, a prominent decentralized finance (DeFi) platform allowing token deposits, lending, and borrowing on the Ethereum blockchain, manages nearly $3 billion in assets. This incident underscores ongoing security challenges within the DeFi sector.

Meanwhile, similar attacks have affected other blockchain projects, including Celer Network with broader concerns about web infrastructure vulnerabilities. Celery Urges users not to visit Celer.network and cbridge.Celer.network while they are investigating a potential DNS domain attack. Experts suspect the Compound security breach and other attacks may be linked to vulnerabilities at Squarespace, the registrar handling these projects’ domains.

DISCLAIMER: The information on this website is provided as general market commentary and does not constitute investment advice. We encourage you to do your own research before investing.

Harold

With a passion for untangling the complexities of the financial world, I've spent over four years in financial journalism, covering everything from traditional equities to the cutting edge of venture capital. "The financial markets are a fascinating puzzle," I often say, "and I love helping people make sense of them." That's what drives me to bring clear and insightful financial journalism to the readers of Coincu.