Search
Close this search box.
Search
Close this search box.

Compound Finance and Celer Site Compromised in Phishing Attack

The Compound Finance and Celer website leads to a phishing page that could drain user funds, but the actual protocol remains unaffected.

On July 11, 2024, on-chain detective ZachXBT was the first to warn about a potential phishing attack on the DeFi platform Compound Finance website.

ZachXBT reported that the official domain of Compound Finance (Compound.finance) had been compromised. When users visited the homepage, they were automatically redirected to a fraudulent website named “compound-finance.app,” which could lead to significant asset losses if users interacted with it.

Celer and Compound in Phishing Attack

Shortly after, the official X account of Compound Labs confirmed the incident and issued an urgent warning advising users “not to visit the website or click on any links until further notice.”

Compound Finance’s security advisor, Michael Lewellen, described the attack as phishing. “The website users are redirected to is a money-draining tool that can wipe out their funds if they interact with it. Therefore, the Compound itself is unaffected, and all user deposits on the protocol remain safe.”

However, the incident wasn’t isolated to Compound Finance. At the same time, Celer Network also reported a phishing attack on its website using a similar method.

According to 0xngmi, founder of DeFiLlama, the issue may stem from both DeFi protocols using the same web service provider, Squarespace. Squarespace was likely compromised, affecting all platforms using its services.

0xngmi also listed several major DeFi projects using Squarespace, which might be the following targets of phishing attacks. These include Pendle, Karak, Hyperliquid, dYdX, Axelar Network, Polymarket, and THORChain.

Developers recommend that projects using Squarespace consider switching to other domain service providers such as Cloudflare, Amazon Web Services, MarkMonitor, or CSC DBS News until the issue is resolved to ensure user safety.

This marks the second widespread phishing attack on DeFi protocols in six months. In late December 2023, the Ledger library was infected with malware that could automatically drain users’ assets upon interaction. Numerous apps, including Hey, SushiSwap, Zapper, and Revoke, widely use this tool, resulting in compromised front-ends that spread malware to users.

For Compound Finance, this is the second phishing attack since late December 2023, when their X account was hijacked to promote a fraudulent website, leading to reported losses of around $4.4 million in LINK tokens.

Compound holds over $2.18 billion in assets, making it one of the most extensive DeFi services in the sector.

Celer and Compound in Phishing Attack

Share:

New Post

Read more

MicroStrategy (MSTR) is doubling down on its audacious Bitcoin strategy, raising a colossal $3 billion through 0% convertible notes to cement its position as the largest corporate Bitcoin holder.
Since being listed on Bithumb, one of South Korea's largest exchanges, Bonk (BONK) has witnessed a sharp rise of approximately 33.7% over the past week and over 50% in the last month.
ADA explosive rally to $0.80, fueled by a 297% surge in large transaction volume, signals unstoppable momentum as ADA eyes the $1 milestone for the first time since 2022.