In a recent incident, decentralized exchanges (DEX) Velodrome and Aerodrome issued warnings to their users after experiencing an attack that compromised the security of their websites.
This attack, seemingly targeting the Domain Name System (DNS), aimed to take control of the official links of the sites. In response, both platforms urged users to refrain from interacting with their sites until further notice as they investigate the extent of the incident.
Our frontend is currently compromised. Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it.
— Velodrome (@VelodromeFi) November 29, 2023
The Domain Name System, a fundamental protocol for the functioning of websites, became the vector of this attack. Although widely used and reliable, attackers can exploit vulnerabilities in DNS to carry out malicious actions, as evidenced in this hacking attempt.
Funds Compromised During the Attack
While no official statement was issued regarding the exact impact on user assets, on-chain analyst ZachXBT identified some suspicious financial movements. Over $40,000 in funds were transferred to two specific addresses, suggesting that attackers might have gained access to the funds of some users during the incident.
Velodrome, currently ranked as the second-largest decentralized exchange protocol on OP Mainnet in terms of total value locked and revenue, holds over $139 million in locked value. On the other hand, Aerodrome stands out as the largest protocol on Base by total value locked, with a figure exceeding $63 million.
The gravity of this attack highlights the critical importance of maintaining security in financial environments. User trust is compromised when the integrity of platforms is threatened, and the response and transparency of Velodrome and Aerodrome in this incident are essential steps to mitigate risks and restore the confidence of their followers.
Looks like stolen funds are going to these two addresses
0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78
0xf64fCEdFCe714Bbe835761e54D7067f2f8231443 pic.twitter.com/mm6SUhCLhq— ZachXBT (@zachxbt) November 29, 2023
Looking ahead, Velodrome and Aerodrome will need to work on enhancing security measures in their spaces. If they aim to stay at the forefront as platforms, having an excellent cybersecurity shield is crucial. Meanwhile, users should stay vigilant for updates provided by the platforms and take all possible additional precautions until the situation is resolved.
