Celer Protocol Shuts Down cBridge over DNS Exploit

Celer Protocol Shuts Down cBridge over DNS Exploit

Interoperability protocol Celer Network has requested its customers to revoke token approvals for a number of good contracts after shutting down its cBridge over a possible DNS exploit.

As per the venture’s preliminary evaluation, some suspicious DNS exercise was noticed at round 7 PM UTC on August 17. However, the protocol remains to be making an attempt to analyze and get extra particulars concerning the problem.

After an investigation, it was discovered that the UI hijack was designed to redirect customers to work together with the compromised good contract which in the end drained their balances.

To defend its customers and forestall any extra mishaps, the platform has shut down the cBridge and warned its customers to revoke approvals for contracts in Ethereum (ETH), Avalanche (AVAX), Polygon (MATIC), Binance Smart Chain, Astar, Aurora, and Arbitrum. 

Users can go to the token approval web page for every community with a purpose to revoke the approvals as a precautionary measure. Thereafter, the platform will totally compensate all these affected throughout the breach. 

Reportedly, the attacker was in a position to drain round 128 ETH ($240K) earlier than the exploit was found after which transferred to Tornado Cash tumbler. Celer protocol revealed later that the workforce managed to reply shortly to the assault. Consequently, solely a small portion of customers are affected.

The Celer protocol and good contracts are usually not affected throughout the breach. Moreover, the Celer DNS root document was not compromised and was by no means modified. However, the platform introduced that “cBridge frontend UI is now up again with additional monitoring in place.”

The platform cautioned customers, “We strongly recommend the community to always check contract addresses that you are interacting with on any DeFi apps as DNS poisoning seems to forming a trend.”

Compiled by Coinbold

5/5 - (100 votes)