Decentralized crypto exchanges Velodrome and Aerodrome have warned users about a front-end security breach on their websites.
In X posts published on Wednesday, Velodrome and Aerodrome warned users against interacting with their websites until further notice.
“Our frontend is currently compromised,” the Velodrome team wrote on X. “Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it.”
The same warning was posted on Aerodrome’s X account.
The security breach seems to involve a domain name system (DNS) attack targeting the Aerodrome and Velodrome’s official websites. DNS is a widely utilized protocol crucial for the functioning of websites.
In DNS attacks, hackers seize control of a site and redirect users to a phishing site linked to a malicious contract, with the intention of illicitly acquiring users’ funds.
On-chain analyst ZachXBT identified two specific addresses that funds from Aerodrome and Velodrome were being sent to, providing a glimpse into the amount of damage the hackers caused. At time of writing, a combined $70,000 worth of crypto assets have been drained into these two addresses.
“Looks like stolen funds are going to these two addresses: 0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78 [and] 0xf64fCEdFCe714Bbe835761e54D7067f2f8231443,” ZachXBT wrote on X.
Aerodrome provided an alternate solution, asking its users to only access Aerodrome from its decentralized frontend.
“Please ensure you are accessing Aerodrome only from our decentralized frontend at http://aero.drome.eth.limo,” Aerodrome posted on X, while also noting that “protocol funds are safe and contracts are unaffected.”
Velodrome is the second-largest decentralized exchange protocol on the OP Mainnet (previously Optimism) based on total value locked and revenue. The company currently boasts over $139 million in total locked value.
Meanwhile, Aerodrome is the largest protocol on Base in terms of total value locked (TVL), holding over $63 million in funds.
Last month, Web3 credentials and rewards platform Galxe announced its intention to refund over $396,000 to more than 980 users who were impacted by a significant DNS attack.
The project has also pledged to supplement the refunded amount by an additional 10% as a gesture of goodwill, as outlined in a shared document.