TechFlow news — According to Celer Network's Twitter update, between 3:45 AM and 6:00 AM Beijing time on August 18, 2022, cBridge's frontend interface suffered a DNS cache poisoning attack. This attack redirected some users to malicious smart contracts that could drain all their approved assets. The Celer protocol and smart contracts were not affected.
Celer stated that the root DNS records for Celer were not compromised and had never been modified. The incident is similar to the Curve Finance attack on August 10, as this attack also targeted third-party DNS providers/ISPs outside the project’s own control.
After the attack, the Celer team responded quickly, limiting the impact to only a small number of users. Celer will fully compensate all users affected by this incident. The cBridge frontend will be restored shortly with enhanced monitoring. Users are advised to check, revoke any potential approvals, and cross-verify contract addresses when using cBridge or any other DeFi applications.Original link





