Popular DeFi platform Compound Finance has been breached by scammers, with its website redirecting users to a phishing link. Compound’s dApp and smart contracts remain unaffected. Hackers are redirecting Compound’s users from its site to a lookalike that gathers sensitive information, potentially providing them access to user funds. ZachXBT warned the platform’s users through a Telegram post, “Compound Finance website seems to be hijacked potentially do not visit the site for the time being. Currently redirects to a newly registered phishing site.” Source: ZachXBT Compound Finance’s security advisor, Michael Lewellen, confirmed the breach on X, “The http://compound.finance URL has been compromised and is currently hosting a phishing site. DO NOT interact with the http://compound.finance
Topics:
Suraj Manohar considers the following as important: Crime, News
This could be interesting, too:
Bilal Hassan writes HashKey Cloud Partners with Kintsu to Boost Monad Network Security
Bena Ilyas writes Hamster Kombat Daily Combo Cards and Cipher Code for September 16, 2024
Bilal Hassan writes U.S. Imposes Sanctions on Cambodian Tycoon Linked to Human Trafficking and Crypto Fraud
Suraj Manohar writes Tether Under Fire for Not Disclosing Reserves Transparently
Popular DeFi platform Compound Finance has been breached by scammers, with its website redirecting users to a phishing link. Compound’s dApp and smart contracts remain unaffected. Hackers are redirecting Compound’s users from its site to a lookalike that gathers sensitive information, potentially providing them access to user funds.
ZachXBT warned the platform’s users through a Telegram post, “Compound Finance website seems to be hijacked potentially do not visit the site for the time being. Currently redirects to a newly registered phishing site.”
Source: ZachXBT
Compound Finance’s security advisor, Michael Lewellen, confirmed the breach on X, “The http://compound.finance URL has been compromised and is currently hosting a phishing site. DO NOT interact with the http://compound.finance website until further notice.” He also let users know that the breach is limited to the platform’s website and not its dApp. “The Compound protocol itself is not impacted, and all smart contract funds are safe.”
The official Compound Finance X account also reiterated that it is safe at the protocol level, “The issue is not at the protocol level; the smart contracts have not been compromised.” It also stated, “It is part of the widespread domain compromise occurring right now. By visiting the site, or clicking any associated links, you will be putting yourself at risk. We and others are diligently working to resolve the issue.”
As of any hack, many imposters have flooded Compound’s post to scam users with more phishing links. Users must always check that the communications they receive are from official Compound Finance accounts and spokespeople. This example highlights the increase in phishing attacks in the crypto ecosystem. Security firm CertiK stated that the first half of 2024 observed $498 million worth of losses in the crypto ecosystem due to phishing attacks. Beyond that, the ecosystem witnessed $1.1 billion in hacks and attacks of all types in the same period.