Celer Network cBridge resumes operation after suffering DNS exploit

by Jeremy

Celer Network has confirmed the cBridge frontend is up and running after halting its activities following a DNS poisoning attack on August 17 that stole $240,000 of users’ funds.

Celer earlier notified users that the front end of the cBridge will be unavailable as the team is working to resolve the exploit. Shortly after, it confirmed that the issue had been rectified.

An attacker had hijacked the cBridge frontend and drained funds from users who gave approval to the malicious smart contracts.

After due investigation, Celer announced that its protocol and smart contract were not compromised. However, users were advised to check and revoke any access granted to the malicious contracts. Celer also recommended that users of all protocols turn on the Secure DNS option available in their web browser to help mitigate the risk of future DNS attacks.

The exploit reportedly claimed $240,000

On-chain tracking from the community allegedly tracked an address used by the hacker and found that $240,000 was hijacked from the exploit. The attacker has laundered the stolen funds through sanctioned mixing protocol Tornado Cash.

Celer Network stated that only a small portion of funds was affected. Celer has pledged to compensate all affected users fully.

DNS poisoning becoming a trend?

Similar DNS poisoning attacks have hit two DeFi protocols in about a week.

Curve Finance reportedly lost $500,000 after its front end was compromised. Users, unfortunately, approved malicious contracts which siphoned their funds. Binance helped recover $450,000 of the stolen funds.

Celer has also noted that DNS attacks could happen to any DeFi app’s frontend regardless of its internal security. The growing trend of DNS attacks should be a wake-up call for DeFi protocols to be on their guard to prevent future exploits.



Source link

Related Posts

You have not selected any currency to display