Aerodrome Finance Hit by DNS Hijacking Front-End Attack on Coinbase’s Base Network

Aerodrome swiftly mitigated a domain hijacking that caused $700,000 in losses, aided by rapid alerts from MetaMask and Coinbase Wallet, with compensation plans in progress.

111d ago

Summary

Aerodrome Finance reported a $700,000 loss from a domain hijacking attack on November 21 that was fully mitigated in under four hours. MetaMask and Coinbase Wallet issued warnings within two minutes of detecting the first malicious transaction, helping limit the impact. Aerodrome confirmed that smart contracts and liquidity were not affected and is preparing compensation plans for impacted users.

Terms & Concepts

DNS Hijacking: A cyberattack where the attacker redirects users from legitimate domain names to fraudulent websites by compromising the Domain Name System settings.
Front-End Attack: An exploit targeting the interface or domain of a web application, often redirecting users to malicious sites without affecting the protocol’s core smart contracts.
Smart Contract: Self-executing blockchain code that automatically enforces and executes predefined agreements without human intervention.