DeFi platform Compound Finance has confirmed a significant security breach that has compromised its official website. The protocol’s domain has been hijacked and is currently hosting a phishing site, posing a severe risk to users.
In an urgent announcement via its official X account at 10:15 AM UTC on July 11, Compound Labs stated:
“The Compound Labs website (compound[.]finance) has been compromised. Please do not visit the website or click any links until further notice.”
Michael Lewellen, Compound’s Security Advisor, confirmed the breach on X, advising users not to interact with the Compound Finance website. Lewellen emphasized that while the website has been compromised, the Compound protocol remains unaffected, and all smart contract funds are secure.
The incident appears to be a sophisticated phishing attack. The legitimate Compound Finance website has been replaced with a fraudulent site designed to steal user information and potentially digital assets. This type of attack, known as domain hijacking, involves taking control of a domain name without the owner’s consent, usually through a breach of DNS credentials.
Blockchain investigator ZachXBT issued an early warning to the crypto community via his Telegram channel, advising users to avoid the Compound Finance website, which was redirecting to a newly registered scam site, compound-finance[.]app. This warning was sent at 2:48 AM EDT, well before Compound Labs confirmed the breach.
“Avoid using the Compound Finance website for the time being due to it redirecting to a phishing site,” ZachXBT warned.
The crypto community is advised to exercise extreme caution and avoid interacting with the Compound Finance website until official confirmation is provided that the issue has been resolved. Users should remain vigilant against potential phishing attempts and only rely on official communications from Compound Labs for updates on the situation.