bsc.news
Decentralized exchanges (DEX) Velodrome and Aerodrome have issued urgent warnings to their users after falling victim to an attack that compromised the security of their websites.
Both platforms have advised users not to interact with their sites until further notice as investigations into the full extent of the breach continue.
Our frontend is currently compromised. Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it.
— Velodrome (@VelodromeFi) November 29, 2023
The assailants apparently targeted the Domain Name System (DNS), a fundamental protocol crucial for the seamless functioning of websites.
Response and Ongoing Investigations
While the DNS is a widely used and reliable system, vulnerabilities can be exploited by attackers to execute malicious actions. On-chain detective ZachXBT disclosed that funds stolen during the incident have been traced to specific addresses.
Looks like stolen funds are going to these two addresses
— ZachXBT (@zachxbt) November 29, 2023
0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78
0xf64fCEdFCe714Bbe835761e54D7067f2f8231443 pic.twitter.com/mm6SUhCLhq
Reports indicate over $40,000 in funds have been transferred to two identified addresses. Velodrome and Aerodrome, however, assured users that protocol funds are safe. While using Velodrome, one user encountered a "weird" message and advised others to be vigilant.
Velodrome, currently holding the second-largest decentralized exchange protocol position on OP Mainnet in terms of total value locked and revenue has over $139 million in locked value. Meanwhile, Aerodrome leads as the largest protocol on Base by total value locked, with a figure surpassing $62 million.