Celer Network cBridge resumes operation after suffering DNS exploit

Celer Network has confirmed that its cBridge frontend is up and running after it went dormant following the August 17th DNS poisoning attack that stole $240,000 in user funds.

Celer previously notified users that the cBridge front end would be unavailable as the team worked to resolve the exploit. Shortly thereafter, I confirmed that the problem had been fixed.

Attackers hijacked the cBridge frontend and exfiltrated funds from users who authorized malicious smart contracts.

After due diligence, Celer has announced that its protocol and smart contracts have not been compromised. However, users were advised to review and revoke any access granted to malicious contracts.Celer also recommends that users of all protocols turn on the secure DNS option available Web browser Helps reduce the risk of future DNS attacks.

The exploit reportedly demanded $240,000

On-chain tracking from the community address Used by hackers, $240,000 was found hijacked from an exploit. The attackers used Tornado Cash, a licensed mixing protocol, to launder the stolen funds.

Celer Network said only a small portion of the funds were affected. Celer has promised to fully compensate all affected users.

Is DNS poisoning trending?

A similar DNS poisoning attack hit two DeFi protocols in about a week.

Curve Finance reportedly lost $500,000 after its front end was compromised. Unfortunately, users have approved malicious contracts that siphon funds. Binance helped him recover $450,000 of stolen funds.

Celer also notes that DNS attacks can occur on the front end of DeFi apps, regardless of internal security. The rising trend of DNS attacks should serve as a wake-up call for DeFi protocols to vigilantly guard against future exploits.

Related Articles

Leave a Reply

Your email address will not be published.

Back to top button