{"id":15139,"date":"2024-07-11T14:55:08","date_gmt":"2024-07-11T11:55:08","guid":{"rendered":"https:\/\/forklog.com\/en\/compound-website-breached-users-advised-to-avoid-until-further-notice\/"},"modified":"2024-07-11T14:55:08","modified_gmt":"2024-07-11T11:55:08","slug":"compound-website-breached-users-advised-to-avoid-until-further-notice","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/compound-website-breached-users-advised-to-avoid-until-further-notice\/","title":{"rendered":"Compound Website Breached: Users Advised to Avoid Until Further Notice"},"content":{"rendered":"<p>Users are advised to steer clear of the Compound Finance website, which may redirect visitors to a phishing site, posing a significant security threat. This warning comes from on-chain analyst ZachXBT.<\/p>\n<p><script async src=\"https:\/\/telegram.org\/js\/telegram-widget.js?22\" data-telegram-post=\"investigations\/140\" data-width=\"100%\"><\/script><\/p>\n<p>Compound Finance has confirmed the breach and recommended avoiding interaction with the site until further notice.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">ALERT: The <a href=\"https:\/\/t.co\/vSAGYl6wwJ\">https:\/\/t.co\/vSAGYl6wwJ<\/a> URL has been compromised and is currently hosting a phishing site. DO NOT interact with the <a href=\"https:\/\/t.co\/vSAGYl6wwJ\">https:\/\/t.co\/vSAGYl6wwJ<\/a> website until further notice.<\/p>\n<p>The Compound protocol itself is not impacted and all smart contract funds are safe.<\/p>\n<p>\u2014 Michael Lewellen (@LewellenMichael) <a href=\"https:\/\/twitter.com\/LewellenMichael\/status\/1811303839888261530?ref_src=twsrc%5Etfw\">July 11, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<blockquote class=\"wp-block-quote is-layout-flow wp-block-quote-is-layout-flow\">\n<p><em>&#8220;The Compound protocol is unaffected, and all smart contract funds are secure,&#8221;<\/em> assured project representatives.<\/p>\n<\/blockquote>\n<div class=\"wp-block-text-wrappers-update article_update\"><span class=\"gtb_text-wrappers_update_head\">Update: <\/span><\/p>\n<p>Update: The Celer Network protocol also reported a breach of its website interface and cbridge.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">\u26d4\ufe0f\u26d4\ufe0f\u26d4\ufe0f PLEASE DO NOT ACCESS <a href=\"https:\/\/t.co\/7EFaRdEOl6\">https:\/\/t.co\/7EFaRdEOl6<\/a> and <a href=\"https:\/\/t.co\/wQFsd2XFb9\">https:\/\/t.co\/wQFsd2XFb9<\/a>. <\/p>\n<p>\u26a0\ufe0f\u26a0\ufe0f\u26a0\ufe0f We are investigating a potential DNS domain attack that seems to be hitting multiple projects at the same time.<\/p>\n<p>Celer system and funds are safe.<\/p>\n<p>\u2014 CelerNetwork (@CelerNetwork) <a href=\"https:\/\/twitter.com\/CelerNetwork\/status\/1811368611828953312?ref_src=twsrc%5Etfw\">July 11, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Co-founder of DeFiLlama, 0xngmi, stated that the issue stems from a vulnerability in the Squarespace website builder. He published a list of potential victims using the solution, including Pendle, dYdX, Axelar, Thorchain, and several other well-known projects.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">notable domains that are at risk:<a href=\"https:\/\/t.co\/SxUDwsEgxC\">https:\/\/t.co\/SxUDwsEgxC<\/a><a href=\"https:\/\/t.co\/ZfqPB3dvGJ\">https:\/\/t.co\/ZfqPB3dvGJ<\/a><a href=\"https:\/\/t.co\/IQoLlDzCl7\">https:\/\/t.co\/IQoLlDzCl7<\/a><a href=\"https:\/\/t.co\/c8aJyZ4rZm\">https:\/\/t.co\/c8aJyZ4rZm<\/a><a href=\"https:\/\/t.co\/pnFuffioes\">https:\/\/t.co\/pnFuffioes<\/a><a href=\"https:\/\/t.co\/Cz4tJMHsL2\">https:\/\/t.co\/Cz4tJMHsL2<\/a><a href=\"https:\/\/t.co\/TMSUnVTlrq\">https:\/\/t.co\/TMSUnVTlrq<\/a><a href=\"https:\/\/t.co\/PiVFKTBlMH\">https:\/\/t.co\/PiVFKTBlMH<\/a><a href=\"https:\/\/t.co\/8VtP9ituCD\">https:\/\/t.co\/8VtP9ituCD<\/a><a href=\"https:\/\/t.co\/1n5DnS5R2B\">https:\/\/t.co\/1n5DnS5R2B<\/a>\u2026 <a href=\"https:\/\/t.co\/399c6wO3B6\">https:\/\/t.co\/399c6wO3B6<\/a><\/p>\n<p>\u2014 0xngmi (@0xngmi) <a href=\"https:\/\/twitter.com\/0xngmi\/status\/1811376786799784348?ref_src=twsrc%5Etfw\">July 11, 2024<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script>\n<\/div>\n<p>In 2023, hackers temporarily took control of the Compound X account to promote a phishing site.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">FYI the <a href=\"https:\/\/twitter.com\/compoundfinance?ref_src=twsrc%5Etfw\">@compoundfinance<\/a> twitter is compromised and posting a scam link!<\/p>\n<p>Check out: <a href=\"https:\/\/twitter.com\/RevokeCash?ref_src=twsrc%5Etfw\">@RevokeCash<\/a> \/ <a href=\"https:\/\/twitter.com\/web3_antivirus?ref_src=twsrc%5Etfw\">@web3_antivirus<\/a> \/ <a href=\"https:\/\/twitter.com\/wallet_guard?ref_src=twsrc%5Etfw\">@wallet_guard<\/a> \/ <a href=\"https:\/\/twitter.com\/blockfence_io?ref_src=twsrc%5Etfw\">@blockfence_io<\/a> \/ <a href=\"https:\/\/twitter.com\/realScamSniffer?ref_src=twsrc%5Etfw\">@realScamSniffer<\/a><\/p>\n<p>\u2014 Officer&#8217;s Notes (@officer_cia) <a href=\"https:\/\/twitter.com\/officer_cia\/status\/1740783396689985658?ref_src=twsrc%5Etfw\">December 29, 2023<\/a><\/p><\/blockquote>\n<p> <script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>The attackers advertised free tokens, urging users to click a link mimicking the official protocol page.<\/p>\n<p>After the team&#8217;s intervention, the post was marked as &#8220;scam.&#8221; Four hours later, they regained control of the account and removed the spam message.<\/p>\n<p>Earlier in the second quarter of 2024, SlowMist&#8217;s MistTrack service received 467 reports of cryptocurrency thefts. Funds from 18 victims, totaling $22.66 million, were frozen.<\/p>\n<p>Experts identified private key leaks, phishing, and fraud as the most common methods.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Users are advised to steer clear of the Compound Finance website, which may redirect visitors to a phishing site, posing a significant security threat. This warning comes from on-chain analyst ZachXBT. Compound Finance has confirmed the breach and recommended avoiding interaction with the site until further notice. ALERT: The https:\/\/t.co\/vSAGYl6wwJ URL has been compromised and [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":15138,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"","news_style_id":"","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1494,44],"class_list":["post-15139","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-compound-comp","tag-cybercrime"],"aioseo_notices":[],"amp_enabled":true,"views":"49","promo_type":"","layout_type":"","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/15139","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=15139"}],"version-history":[{"count":0,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/15139\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/15138"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=15139"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=15139"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=15139"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}