On December 4th, Velodrome, a decentralized trading protocol on Optimism, announced that the domains velodrome.finance and aerodrome.finance had been hit by a DNS attack. After a preliminary investigation, it is estimated that users who interacted with the attacker's website may lose up to $250,000. After remedial measures, testing, and user feedback, no evidence was found that any internal or external accounts associated with Velodrome/Aerodrome and/or the registrar had been leaked. The root cause of the attack was social engineering against the domain registrar: the attacker gained ownership and control of the accounts holding the domains, bypassing 2FA and other security mechanisms. This allowed the attacker to change the domains' name servers and redirect legitimate domain traffic to malicious cloned Velodrome/Aerodrome websites.