At least two major decentralized finance (DeFi) projects – Pancakeswap (CAKE) and Cream Finance (CREAM) – later today, urged their users to stay away from their websites that were hit with so-called DNS-hijacks. (Updated at 16:32 UTC: updates throughout the entire text.)
At 16:03 UTC, PancakeSwap said that they regained access to the DNS.
“Some users might still be affected, depending on their DNS resolution as some propagation time may be needed,” they said, promising more updates soon.
Meanwhile, Cream Finance, at 16:16 UTC, said they have purchased and deployed to app.creamfinance.co, claiming that this site is safe to use.
“Your funds are only at risk if you enter your private key or seed phrase into the hijacked site,” PancakeSwap said earlier today.
Cream Finance also confirmed that their “DNS has been compromised by a third party; some users are seeing requests for seed phrase on http://app.cream.finance. DO NOT enter your seed phrase.”
“A number of DeFi projects are under DNS hijack attack. Pancake, Cream, etc. Please be VERY VERY careful and not use them until they recover the situation,” Binance CEO Changpeng Zhao warned.
@FutureBchain @PancakeSwap In this case they tried to get users to give up their wallet seeds, so they could get ac… https://t.co/7QUj0oJ3QK
___
Learn more:
– Hack Sunday: NFT Theft Follows a Personal Token Attack
– Crypto Security in 2021: More Threats Against DeFi and Individual Users
Credit: Source link