Multiple DeFi protocols targeted by wallet drainers


Multiple DeFi (decentralized finance) protocols were targeted by a phishing attack on Thursday. While the extent of the attack is still unknown, some major projects announced only this morning that the situation had been resolved, while others might still be at risk.

Major projects such as Compound (COMP) and others saw their domains hijacked in an attempt to redirect visitors to malicious websites that would drain users' funds from their connected wallets.

This morning, Compound confirmed that its compound.finance website "is once again secure" and urged users to restart their browsers and ensure that they’re connecting to the correct domains (compound.finance, app.compound.finance, or compoundlabs.xyz).

ADVERTISEMENT

According to the team, the attack did not impact the protocol, and no smart contracts were compromised. More details will be announced after an investigation. However, Compound has urged its users to revoke approvals for now.

Meanwhile, Celer Network (CLR) confirmed yesterday that an attempted takeover of Celer domains "was successfully intercepted."

Crypto security firm Blockaid estimated that "the attackers are operating by hijacking DNS records of projects hosted on SquareSpace." They also claimed that "the attackers are using a drainer kit associated with the most recent iteration of the Inferno drainer group."

"Registrars are custodians of your domains. If they are compromised, like SquareSpace today, your website traffic can be routed without your permission to somewhere else," Matthew Gould, founder of Web3 domain provider Unstoppable Domains, added on X.

The initial list of potentially vulnerable domains registered with SquareSpace included over 120 websites.

SquareSpace hasn't posted any updates on the situation.

According to Web3 bug bounty platform Immunefi, $921 million has been lost due to crypto hacks and fraud so far this year, up by 24% compared to the previous period. However, they also noted that the number of individual successful attacks decreased by 11%, from 81 in Q2 2023 to 72 in Q2 2024.

ADVERTISEMENT