PancakeSwap And Cream Finance Targeted With Concurrent DNS Attacks

DeFi Platforms PancakeSwap and Cream Finance have been attacked by hackers in attempts to get a hold of private user keys.

The hackers targeted the platform-specific websites. In a recent tweet from Cream Finance, the company stated that their website had been affected by a DNS spoofing attack that aimed to trick users into revealing their private details, specifically seed phrases, using a fake text box. The same thing happened with PancakeSwap’s website as well, where users were prompted to input their private seed phrases into a fake input box when attempting to access MetaMask.

Breaching of the websites meant that both websites also had their DNS compromised, resulting in bad and potentially harmful traffic. The latest tweets from both platforms have strictly warned its users not to use the website and have clearly stated to users not to enter their private seed phrases or keys on the website as it might result in data loss which is sometimes unrecoverable. As a precautionary step, both websites have requested their users not to enter their private keys or seed phrases anywhere on the internet to avoid further harm if their data is compromised.

Recovery in progress

Both PancakeSwap and Cream Finance have started working on fixing the sites and recovering whatever important data is compromised. As of now, Cream Finance has reported that it has successfully been able to recover its DNS from both of their websites. However, PancakeSwap was still expected to provide an update as their engineers are working hard to regain control over the sites.

At the time of writing, stats from ‘dnschecker.org’ are showing the regaining of control over the website by PancakeSwap, but the full DNS resolution will still take at least 48 hours to complete as everything is still being sorted out and put back into place. PancakeSwap on Twitter has expressed its gratefulness to its users and community team who helped in reporting and countering the attack.

While the site has recovered, some users, unfortunately, lost their funds to the attack. It is still not sure whether the platforms are at blame or the user. In all fairness, hacking attacks happen all the time around the world, so it should be the user’s responsibility to check before giving up any private information without any context. Websites usually do not ask for the user’s details until and unless there is a serious issue.