Several Decentralized Finance (DeFi) projects on the Binance Smart Chain announced that they are under a Domain Name System (DNS) attack.
A DNS attack can take several forms. However, the affected platforms have reported facing a DNS hijacking on the Binance Smart Chain. In this instance, their domain names have been hijacked, resulting in the internet traffic being diverted to an unknown destination.
First, Cream Finance tweeted that a third party had compromised its DNS. It explained that some of its users were seeing requests for their seed phrases. Seed phrases are commonly used to recover wallets.
It is often warned that seed phrases should never share them with third-parties, who would then have access to the user’s wallet. “We will never ask you to submit any private key or seed phrases,” the tweet from Cream emphasized.
Our DNS has been compromised by a third party; some users are seeing requests for seed phrase on https://t.co/Hr6S4Fqodo. DO NOT enter your seed phrase. We will never ask you to submit any private key or seed phrases.— Cream Finance (@CreamdotFinance) March 15, 2021
PancakeSwap Suspected, Confirmed
Shortly after that, PancakeSwap reported that they might have been hijacked as well, similar to Cream. They recommended not using their site until it was confirmed. Within a few minutes, PancakeSwap confirmed that their DNS had been hijacked as well. They also emphasized to “NEVER EVER input your seed phrase or private keys on a website.”
This is now confirmed.DO NOT go to the Pancakeswap site until we confirm it is all clear. NEVER EVER input your seed phrase or private keys on a website. We are working on recovery now. Sorry for the trouble. https://t.co/JN7TXlo9od— PancakeSwap #BSC (@PancakeSwap) March 15, 2021
Binance Takes Notice
As PancakeSwap is the largest DeFi platform on Binance’s Smart Chain (BSC), it was only a matter of time before they were alerted to the attack. Binance CEO Changpeng Zhao then took to Twitter to announce that the attack was taking place.
This is what we are getting for first time..earlier we did not get this..if you find this page..get out immediately.don't proceed @PancakeSwap pic.twitter.com/4HsNX1KEkT— Prasad Tungar (@prasadtungar) March 15, 2021
In reply to CZ’s tweet, a Twitter user shared an image of trying to access the PancakeSwap domain. The picture shows a warning that the connection was not private and that attackers might steal the user’s information via the PancakeSwap domain.
Unfortunately, this isn’t the first instance of cyberattacks against projects on the Binance Smart Chain. Last month, Cream acknowledged that a hacker had been able to steal $37.5 million before they were able to cut him off. Recently, Binance Smart Chain has become a serious competitor to Ethereum due to its high gas fees. However, ongoing security issues may compromise that ambition.
The post Several Binance Smart Chain Projects Under DNS Attack appeared first on BeInCrypto.
Original Source: Be In Crypto Several Binance Smart Chain Projects Under DNS Attack