Source: Adobe/Negro Elkha
At least two major decentralized finance (DeFi) projects – Pancakeswap (CAKE) and Cream Finance (CREAM) – urged their users to stay away from their websites that were hit with so-called DNS-hijacks.
"Your funds are only at risk if you enter your private key or seed phrase into the hijacked site. Regaining access is only a matter of time, our main priority is keeping inexperienced users safe," PancakeSwap said, adding that "regaining access is only a matter of time."
This is now confirmed.
— PancakeSwap 🥞 #BSC (@PancakeSwap)
Cream Finance also confirmed that their "DNS has been compromised by a third party; some users are seeing requests for seed phrase on http://app.cream.finance. DO NOT enter your seed phrase."
"A number of DeFi projects are under DNS hijack attack. Pancake, Cream, etc. Please be VERY VERY careful and not use them until they recover the situation," Binance CEO Changpeng Zhao said.
– Hack Sunday: NFT Theft Follows a Personal Token Attack
– Crypto Security in 2021: More Threats Against DeFi and Individual Users