Velodrome and Aerodrome Suffer Front-end Attack

The team behind both DEXs urges users to not interact with front-ends as hackers have taken over websites.

Last updated: November 29, 2023 11:26 AM

Published November 29, 2023 11:26 AM

Last updated: November 29, 2023 11:26 AM

Published November 29, 2023 11:26 AM

Velodrome and Aerodrome, decentralized exchanges probably built by the same team, have been attacked by hackers taking over website front-ends.

Both Velodrome and Aerodrome shared a post confirming the incident and urging users to avoid interacting with front-ends. In the meantime, they assured users that all the funds are safe and contracts are unaffected.

Our frontend is currently compromised. Please do not interact with Velodrome for the time being. The team are investigating and will communicate more here when we have it.
— Velodrome (@VelodromeFi) November 29, 2023

Our frontend is currently compromised. Please do not interact with Aerodrome for the time being. The team are investigating and will communicate more here when we have it.
— Aerodrome (@aerodromefi) November 29, 2023

The incident seems to be a DNS attack, in which the attacker has taken over the domains, and now it is leading to a phishing link to drain users’ assets.

Velodrome is one of the largest decentralized exchanges (DEX) on Optimism, whereas Aerodrome is deployed on Coinbase’s Layer 2 network Base.

While the attack does not disclose much financial details, on-chain analyst ZachXBT pointed out two addresses and found that currently approximately $40k had been stolen.

Looks like stolen funds are going to these two addresses

0x02BA13f39D7df9C3F7592257b636eD6C7CC4ae78
0xf64fCEdFCe714Bbe835761e54D7067f2f8231443 pic.twitter.com/mm6SUhCLhq
— ZachXBT (@zachxbt) November 29, 2023