Decentralized crypto exchanges Velodrome and Aerodrome have warned users about a front-end security breach on their websites.
In X posts published on Wednesday, Velodrome and Aerodrome warned users against interacting with their websites until further notice.
“Our frontend is currently compromised,” the Velodrome team wrote on X. “Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it.”
The same warning was posted on Aerodrome’s X account.
The security breach seems to involve a domain name system (DNS) attack targeting the Aerodrome and Velodrome’s official websites. DNS is a widely utilized protocol crucial for the functioning of websites.
In DNS attacks, hackers seize control of a site and redirect users to a phishing site linked to a malicious contract, with the intention of illicitly acquiring users’ funds.
On-chain analyst ZachXBT identified two specific addresses that funds from Aerodrome and Velodrome were being sent to, providing a glimpse into the amount of damage the hackers caused. At time of writing, a combined $70,000 worth of crypto assets have been drained into these two addresses.
“Looks like stolen funds are going to these two addresses: 0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78 [and] 0xf64fCEdFCe714Bbe835761e54D7067f2f8231443,” ZachXBT wrote on X.
Aerodrome provided an alternate solution, asking its users to only access Aerodrome from its decentralized frontend.
“Please ensure you are accessing Aerodrome only from our decentralized frontend at http://aero.drome.eth.limo,” Aerodrome posted on X, while also noting that “protocol funds are safe and contracts are unaffected.”
Velodrome is the second-largest decentralized exchange protocol
Read more on cryptonews.com