Compound Finance website compromised by phishing attack

The frontend of decentralized finance giant Compound Finance was compromised earlier Thursday and is now hosting a phishing site, developers said in a post XShortly after, developers of the Celer blockchain project said the site had also been hit by a malicious actor and was hosting a draining service.

“We are investigating a potential DNS domain attack that appears to be affecting multiple projects at once,” Celer developers said. in a post X.

The compound(.)finance website leads to “compound-finance.app” from the European morning hours on Thursday.

Security researcher Michael Lewellen noted that the latter is a tool that drains funds if a user interacts with it. As such, the current Compound protocol remains unchanged and all existing user deposits are secure.

Compound allows users to deposit, lend, and borrow tokens using the Ethereum blockchain. holds more than $2.3 billion of assets as of Thursday, making it one of the largest DeFi services in the industry.

Phishing attacks are the practice of sending fraudulent communications that appear to come from a trusted source. They are a major concern in the cryptocurrency market, with over $104 million stolen from unsuspecting users in the first two months of 2024 alone.

Compound’s COMP token prices are little changed over the past 24 hours, according to data from CoinGecko.

UPDATE (July 11, 12:30 UTC):Title and story update with Celer network compromise.

Fuente