Velodrome and Aerodrome DEXs face frontal attacks

Velodrome, the second largest DEX on the Optimism network, and Fork Aerodrome, the leading DEX on Base, have reported agreement in their respective front-end systems.

Following the incident, both platforms urged users to temporarily avoid interacting with their platforms through their social media channels.

Be careful between the velodrome and the aerodrome

“Our frontage is down at the moment. Please stay away from the velodrome for the time being. The team is investigating and we'll be in touch more here when we have,” he wrote. A similar announcement was shared by the Aerodrome's official account via X.

Some users have reported receiving suspicious transaction suggestions when linking their wallets to the exchange.

Hey guys, I had some weird marketing suggestions when dating. I had to switch to optimism and add an unspecified allowance. Luckily I didn't fall for it.

– Sneaky.Pet. (@SneakyPeterr) November 29, 2023

A DNS attack, a technique by which bad actors take over a website to redirect users to phishing websites, is suspected to be behind it. This type of cyber attack targets the website's DNS protocol, which is used to link user requests to the corresponding website's IP address.

By exploiting this system, attackers can trick users with malicious contracts designed to drain their money, as seen in this case.

It seems that the stolen funds go to these two addresses

0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae780xf64fCEdFCe714Bbe835761e54D7067f2f8231443 pic.twitter.com/mm6SUhCLhq

— ZachXBT (@zachxbt) November 29, 2023

Chain analyst ZackXBT also said that criminals are transferring the stolen funds to wallets identified as 0x02BA and 0xf64f. The combined balance of these wallets is estimated at around $68,000.

Velodrome and Aerodrome Certification Protocol Fund Security

In an update, the Velodrome and Aerodrome issued a similar statement on X, confirming the safety of the protocol's funds and stating that contracts were unaffected.

Protocol funds are safe, contracts are intact; Please make sure you are accessing your decentralized front page and see the permissions granted in the last several hours.

— Velodrome (@VelodromeFi) November 29, 2023

Users are also urged to ensure that they are using the decentralized front-end provided in the update instead of the one provided on their official X account. Users are urged to revisit any permissions they have granted in the past few hours.

Velodrome is a major player on OP Mainnet (formerly Optimist), with over $139 million in total value locked (TVL) and highest revenue. On the other hand, Aerodrome holds the highest position on the base with over $63 million in funds.

A breach of these platforms could spell serious damage to the decentralized financial sector.