Velodrome, the second-largest DEX on the Optimism network, and its fork, Aerodrome, the leading DEX on Base, have reported a compromise in their respective frontend systems.
Following the incident, both platforms urged users through their social media channels to refrain from interacting with their platforms for the time being.
Velodrome and Aerodrome Urge Caution Amid Security Breaches
“Our frontend is currently compromised. Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it,” the post stated. A similar notice was shared through Aerodrome’s official account on X.
Some users have also reported encountering suspicious transaction suggestions upon connecting their wallets to the exchanges.
Stay safe guys, I had weird transaction suggestions while connecting. I had to switch to optimism and increase unspecified allowance. Luckily I didn’t fell for it.
— Sneaky.Pete. (@SneakyPeterr) November 29, 2023
The DNS attack, a method by which bad actors gain control of a website to redirect users to phishing sites, is suspected to be behind this breach. This type of cyber-attack targets a website’s DNS protocol, which is used to connect user requests to the corresponding website’s IP address.
Through the manipulation of this system, attackers can trick users into engaging with malicious contracts designed to drain funds, as demonstrated in this incident.
Looks like stolen funds are going to these two addresses
0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78
0xf64fCEdFCe714Bbe835761e54D7067f2f8231443 pic.twitter.com/mm6SUhCLhq— ZachXBT (@zachxbt) November 29, 2023
On-chain analyst ZachXBT has also stated that the culprits are transferring the stolen funds to specific wallets, identified as 0x02BA and 0xf64f. The combined balance of these wallets is estimated at around $68,000.
Velodrome and Aerodrome Assure Protocol Fund Security
In an update, Velodrome and Aerodrome released the same statement on X, confirming the security of the Protocols funds and stating that contracts remain unimpacted.
Protocol funds are safe, contracts are unaffected; please ensure you are accessing our decentralized frontend at https://t.co/1NdyRo2x1w and review any permissions granted in the last several hours. https://t.co/vYVv8Zlw5M
— Velodrome (@VelodromeFi) November 29, 2023
They further urged users to ensure they’re using their decentralized frontend as provided in the update instead of the one given on their official X account. Users were also urged to revisit any permissions they had granted in the past few hours.
Velodrome is a major player on the OP Mainnet (formerly Optimism), boasting over $139 million in total value locked (TVL) and significant revenue. On the other hand, Aerodrome holds the top spot on Base with over $63 million in funds.
The breach of these platforms represents a significant blow to the decentralized finance sector.