Compound Finance Website Hijacked in Phishing Attack

Compound Finance Website Hijacked in Phishing Attack

By: Eva Baxter

Compound Finance, the popular decentralized finance (DeFi) platform, has faced a significant security breach affecting its official website. The domain has been hijacked and is currently redirecting users to a phishing site, raising severe security concerns.

According to an urgent warning issued by Compound Labs on July 11, the company alerted users to avoid visiting the compromised website compound[.]finance. Michael Lewellen, the Security Advisor at Compound, further confirmed the breach on X, stressing that users must not interact with the site. While the website has been compromised, the Compound protocol and its smart contract funds remain unaffected and secure.

The breach appears to be a sophisticated phishing attack where the legitimate Compound Finance website is replaced with a fraudulent one designed to steal user information and potentially their digital assets. Such domain hijacking often occurs through a breach of DNS credentials, enabling attackers to control the domain name without owner consent. Blockchain investigator ZachXBT warned the community via Telegram about the redirection to the scam site compound-finance[.]app.

This unfortunate event follows a similar incident last year when Compound Finance's X account was hacked and used to promote a phishing site, leading to a reported loss of approximately $4.4 million LINK tokens. The crypto community is advised to exercise extreme caution and avoid interacting with the Compound Finance website until an official resolution is announced. Users should stay alert to phishing attempts and rely only on official communications from Compound Labs for updates.

In the wake of this attack, web3 security tools and browser extensions such as Malwarebytes Browser Guard, AegisWeb3, Pocket Universe, Wallet Guard, and MetaMask transaction insight Snaps can help alert users to malicious links and protect their digital assets. It is crucial for users to utilize these tools and stay vigilant to safeguard against potential threats in the decentralized finance space.

Get In Touch

[email protected]

Follow Us

© BlockBriefly. All Rights Reserved.