Users are advised to steer clear of the Compound Finance website, which may redirect visitors to a phishing site, posing a significant security threat. This warning comes from on-chain analyst ZachXBT.
Compound Finance has confirmed the breach and recommended avoiding interaction with the site until further notice.
ALERT: The https://t.co/vSAGYl6wwJ URL has been compromised and is currently hosting a phishing site. DO NOT interact with the https://t.co/vSAGYl6wwJ website until further notice.
The Compound protocol itself is not impacted and all smart contract funds are safe.
— Michael Lewellen (@LewellenMichael) July 11, 2024
“The Compound protocol is unaffected, and all smart contract funds are secure,” assured project representatives.
Update: The Celer Network protocol also reported a breach of its website interface and cbridge.
⛔️⛔️⛔️ PLEASE DO NOT ACCESS https://t.co/7EFaRdEOl6 and https://t.co/wQFsd2XFb9.
⚠️⚠️⚠️ We are investigating a potential DNS domain attack that seems to be hitting multiple projects at the same time.
Celer system and funds are safe.
— CelerNetwork (@CelerNetwork) July 11, 2024
Co-founder of DeFiLlama, 0xngmi, stated that the issue stems from a vulnerability in the Squarespace website builder. He published a list of potential victims using the solution, including Pendle, dYdX, Axelar, Thorchain, and several other well-known projects.
notable domains that are at risk:https://t.co/SxUDwsEgxChttps://t.co/ZfqPB3dvGJhttps://t.co/IQoLlDzCl7https://t.co/c8aJyZ4rZmhttps://t.co/pnFuffioeshttps://t.co/Cz4tJMHsL2https://t.co/TMSUnVTlrqhttps://t.co/PiVFKTBlMHhttps://t.co/8VtP9ituCDhttps://t.co/1n5DnS5R2B… https://t.co/399c6wO3B6
— 0xngmi (@0xngmi) July 11, 2024
In 2023, hackers temporarily took control of the Compound X account to promote a phishing site.
FYI the @compoundfinance twitter is compromised and posting a scam link!
Check out: @RevokeCash / @web3_antivirus / @wallet_guard / @blockfence_io / @realScamSniffer
— Officer’s Notes (@officer_cia) December 29, 2023
The attackers advertised free tokens, urging users to click a link mimicking the official protocol page.
After the team’s intervention, the post was marked as “scam.” Four hours later, they regained control of the account and removed the spam message.
Earlier in the second quarter of 2024, SlowMist’s MistTrack service received 467 reports of cryptocurrency thefts. Funds from 18 victims, totaling $22.66 million, were frozen.
Experts identified private key leaks, phishing, and fraud as the most common methods.