Attackers hacked the official websites of two major protocols in an attempt to steal user funds.
The attack involved redirecting users to fake versions of the platforms and draining their wallets.
The websites were compromised because they might have been hosted through Squarespace.
This means that more than 100 other protocol websites might be at risk.
The attackers targeted the websites, not the underlying DeFi protocols themselves.
Compound and Celer took swift action to secure their websites, which are now secure.
The number of hacks and scams in the crypto space has been going up at an alarming rate as of late.
This trend has now moved well past celebrity Twitter hacks and memecoin rug pulls to the official websites of two major defi protocols being hacked and used to drain user wallets.
Here are all the details of the new so-called DNS attack that has hit Compound Finance and Celer and why the official websites of these two protocols should be avoided for the time being.
Celer is an Ethereum-based interest-rate protocol, while the Celer network is a multi-chain interoperability protocol.
The frontend websites of both protocols were compromised this week, as reported in an initial Telegram post from independent blockchain investigator Zach XBT.
Zach XBT reported that both websites were leading unsuspecting visitors to fake websites with wallet connect prompts and drainer smart contracts.
Compound Labs took to Twitter shortly after to confirm the hack, urging users not to visit or click any links on it until further notice.
Not long after the Compound hack, Celer Network also took to Twitter to report a similar DNS domain attack, with both of these sites now leading to drainer pages.
So far, according to DeFi Llama founder 0xngmi on Twitter, one of the leading speculations as to the source of these hacks is their registrar, Squarespace.
0xngmi speculated that a long list of Defi protocols using Squarespace might also be at risk, including well-known protocols like dYdX, Idle Finance, Sonne Finance, Chainlist, Gyro, and more than 100 others.
This is not the first time that attackers have come for Compound Finance.
In 2023, the Compound Finance official X account was hacked and used to promote a phishing scam via tweets urging users to click a link to claim free crypto tokens.
So far, security experts have swung into action, helping the Compound Finance website to become secure once again.
Compound Finance notes that the attack was merely on its frontend and that no smart contracts were compromised.
Shortly after, Celer came forward with a similar announcement, noting that all DNS records have been recovered and that the attack vector likely came from third parties beyond its control.
Disclaimer: Voice of Crypto aims to deliver accurate and up-to-date information but will not be responsible for any missing facts or inaccurate information. Cryptocurrencies are highly volatile financial assets, so research and make your own financial decisions.