
Compound Website Breached: Users Advised to Avoid Until Further Notice
Users are advised to steer clear of the Compound Finance website, which may redirect visitors to a phishing site, posing a significant security threat. This warning comes from on-chain analyst ZachXBT.
Compound Finance has confirmed the breach and recommended avoiding interaction with the site until further notice.
ALERT: The https://t.co/vSAGYl6wwJ URL has been compromised and is currently hosting a phishing site. DO NOT interact with the https://t.co/vSAGYl6wwJ website until further notice.
The Compound protocol itself is not impacted and all smart contract funds are safe.
— Michael Lewellen (@LewellenMichael) July 11, 2024
“The Compound protocol is unaffected, and all smart contract funds are secure,” assured project representatives.
Update: The Celer Network protocol also reported a breach of its website interface and cbridge.
⛔️⛔️⛔️ PLEASE DO NOT ACCESS https://t.co/7EFaRdEOl6 and https://t.co/wQFsd2XFb9.
⚠️⚠️⚠️ We are investigating a potential DNS domain attack that seems to be hitting multiple projects at the same time.
Celer system and funds are safe.
— CelerNetwork (@CelerNetwork) July 11, 2024
Co-founder of DeFiLlama, 0xngmi, stated that the issue stems from a vulnerability in the Squarespace website builder. He published a list of potential victims using the solution, including Pendle, dYdX, Axelar, Thorchain, and several other well-known projects.
notable domains that are at risk: https://t.co/SxUDwsEgxC https://t.co/ZfqPB3dvGJ https://t.co/IQoLlDzCl7 https://t.co/c8aJyZ4rZm https://t.co/pnFuffioes https://t.co/Cz4tJMHsL2 https://t.co/TMSUnVTlrq https://t.co/PiVFKTBlMH https://t.co/8VtP9ituCD https://t.co/1n5DnS5R2B… https://t.co/399c6wO3B6
— 0xngmi (@0xngmi) July 11, 2024
In 2023, hackers temporarily took control of the Compound X account to promote a phishing site.
FYI the @compoundfinance twitter is compromised and posting a scam link!
Check out: @RevokeCash / @web3_antivirus / @wallet_guard / @blockfence_io / @realScamSniffer
— Officer’s Notes (@officer_cia) December 29, 2023
The attackers advertised free tokens, urging users to click a link mimicking the official protocol page.
After the team’s intervention, the post was marked as “scam.” Four hours later, they regained control of the account and removed the spam message.
Earlier, in the second quarter of 2024, SlowMist’s MistTrack service received 467 reports of cryptocurrency thefts. Funds from 18 victims, totaling $22.66 million, were frozen.
Experts identified private key leaks, phishing, and fraud as the most common methods.