Celer Network – a blockchain interoperability protocol enabling a one-click user experience accessing tokens, DeFi, GameFi, NFTs, governance, and more across multiple chains – recently suspected the DNS hijacking of its cBridge frontend.
Warning the customers against using the cBridge, Celer tweeted, “We are investigating at the moment and please do not use the frontend for bridging at the moment.”
We are seeing reports that reflects potential DNS hijacking of cbridge frontend. We are investigating at the moment and please do not use the frontend for bridging at the moment.— CelerNetwork (@CelerNetwork) August 17, 2022
Naming Polygon, Avalanche, Arbitrum, Astar, Aurora, Ethereum, BSC, Fanatom, and Optimism, Celer said that “if you recently used cBridge, please make sure to check and revoke any token approval.”
Reminders And Suggestions Issued By Cellar
The company said that “these contracts are related to a potential UI hijack to redirect users to interact with the above addresses and drain tokens balances. The cBridge frontend UI is currently offline to be safe and we are doing further investigation.”
Celer also issued a reminder which said, “DNS poisoning can happen to any DeFi app frontend regardless of the protocol’s own security and we strongly suggest the entire blockchain community to turn on Secure DNS option in your web browser to reduce such possibility to get affected.” The company suggested that “due to low adoption of DNSSEC, we additionally suggest when you are interacting with any DeFi frontend, always verify the contract addresses.”
Celer Team’s Response To The Situation
Talking about the team’s efforts to resolve the situation, Celer said, “During this incident, the team responded quickly and fortunately only a small portion of users are affected. We will fully compensate users affected during the session of the incident but we ask users first to please first revoke approval to above contracts.”
“The frontend will be resumed shortly with enhanced monitoring. Again, please check&revoke any potential approvals and cross-check contract addresses when using cBridge and any other DeFi apps,” said Celer.
On the Flipside
- Many users are contemplating revoking all transactions to keep their wallets safe.
Why You Should Care
Due to the potential UI hijack the company is actively asking some users to revoke their transactions as it is being redirected to malicious smart contracts that can drain all approved token amounts.
Similar Articles on DailyCoin:
A $540m Crypto Scam Using RenBridge Has Come to Light
U.S. SEC Reveals $300M Crypto Pyramid And Ponzi Scheme Scam