Celer Network cBridge resumes operation after suffering DNS exploit


Celer Network has confirmed the cBridge frontend is up and running after halting its activities following a DNS poisoning attack on August 17 that stole $240,000 of users’ funds.

Celer earlier notified users that the front end of the cBridge will be unavailable as the team is working to resolve the exploit. Shortly after, it confirmed that the issue had been rectified.

🌉cBridge frontend UI is now up again with additional monitoring in place. We strongly recommend community to always check contract addresses that you are interacting with on any DeFi apps as DNS poisoning seems to forming a trend. Will always keep community updated! https://t.co/xlrLBNsYU3

— CelerNetwork (@CelerNetwork) August 18, 2022

An attacker had hijacked the cBridge frontend and drained funds from users who gave approval to the malicious smart contracts.

📢📢📢We are seeing reports that reflects potential DNS hijacking of cbridge frontend. We are investigating at the moment and please do not use the frontend for bridging at the moment.

— CelerNetwork (@CelerNetwork) August 17, 2022

After due investigation, Celer announced that its protocol and smart contract were not compromised. However, users were advised to check and revoke any access granted to the malicious contracts. Celer also recommended that users of all protocols turn on the Secure DNS option available in their web browser to help mitigate the risk of future DNS attacks.

The exploit reportedly claimed $240,000

On-chain tracking from the community allegedly tracked an address used by the hacker and found that $240,000 was hijacked from the exploit. The attacker has laundered the stolen funds through sanctioned mixing protocol Tornado Cash.

Celer Network stated that only a small portion of funds was affected. Celer has pledged to compensate all affected users fully.

DNS poisoning becoming a trend?

Similar DNS poisoning attacks have hit two DeFi protocols in about a week.

Curve Finance reportedly lost $500,000 after its front end was compromised. Users, unfortunately, approved malicious contracts which siphoned their funds. Binance helped recover $450,000 of the stolen funds.

Celer has also noted that DNS attacks could happen to any DeFi app’s frontend regardless of its internal security. The growing trend of DNS attacks should be a wake-up call for DeFi protocols to be on their guard to prevent future exploits.

Get an Edge on the Crypto Market 👇

Become a member of CryptoSlate Edge and access our exclusive Discord community, more exclusive content and analysis.

On-chain analysis

Price snapshots

More context

Join now for $19/month Explore all benefits



Source

Recommended For You

About the Author: wp4crypto

Leave a Reply

Your email address will not be published. Required fields are marked *