Decentralized exchanges were compromised

English Mar 15, 2021

A few hours ago, a service called Cream Finance said its DNS was "compromised by a third party". The Twitter account of another exchange, PancakeSwap, then confirmed that it had also been attacked through the same mechanism.

A “DNS hijacking” occurs when an attacker redirects traffic to a malicious server that has the appearance and structure identical to that of the original; in this case, the “hijacked website” was wanting users to place their keys to steal funds that were present in those accounts.

Unlike a traditional exchange, where assets are traded through a central authority, a decentralized exchange uses smart contracts. There are no owners, only automated codes, maintained by decentralized teams, which allows the money flows directly between traders.

Crucially, PancakeSwap's smart contracts were not hacked. Only the front end of the site was affected by this attack.

Investing in DeFi protocols can be extremely risky, since they are subject to hacks - half of all crypto-related hacks in 2020 targeted DeFi, according to blockchain data company Chainalysis.

Unfortunately, there is no sign of a slowdown in the amount of decentralized exchange hacks in 2021. Last week, it was Dodo's turn that ended up having a loss of about $ 4 million. On the other hand, we must be optimistic and take into account that DeFi are still relatively new and in constant optimization, errors will be fixed and the technology will have its security reinforced.


Morel Hernandes

Writer passionate about politics, economics, blockchain and crypto-currencies.