Ethereum News Update: Major DEX Compromised as Centralized DNS Vulnerability Threatens DeFi Security

Bitget App

Trade smarter

Bitget

News

Markets

Ethereum News Update: Major DEX Compromised as Centralized DNS Vulnerability Threatens DeFi Security

Bitget-RWA2025/11/22 19:08

By:Bitget-RWA

- Aerodrome and Velodrome DEXs suffered DNS hijacking attacks, redirecting users to phishing sites via centralized domain vulnerabilities. - Attackers exploited compromised domains to trick users into signing malicious transactions, mirroring a 2023 incident that caused $300,000+ losses. - Platforms urged users to revoke token approvals and use ENS mirrors, emphasizing secure smart contracts but highlighting DeFi's front-end risks. - The breach occurred days after Aerodrome's planned merger with Velodrome,

Aerodrome Finance, recognized as the top decentralized exchange (DEX) on

Ethereum

Layer 2 network Base, along with Velodrome, its equivalent on

Optimism

experienced a front-end security breach

early Saturday. This led to urgent advisories for users to avoid the official websites and instead use decentralized mirror sites. The breach,

believed to be caused by a DNS hijacking

, enabled attackers to redirect visitors to phishing pages crafted to deceive users into approving harmful transactions. Both exchanges stressed that their core smart contracts were unaffected, but users were urged to revoke any recent token permissions and steer clear of suspicious domains

as outlined in the report

This incident is reminiscent of a similar attack in late 2023, when the front-ends of Aerodrome and Velodrome were also compromised,

leading to user losses exceeding $300,000

. The most recent compromise happened just after Aerodrome

revealed its intention to merge with Velodrome

under a unified "Aero" ecosystem, aiming to pool liquidity across both Base and Optimism. Despite the incident, the value of the AERO token

remained steady

, trading near $0.67, marking a 2% rise in the last 24 hours.

Ethereum News Update: Major DEX Compromised as Centralized DNS Vulnerability Threatens DeFi Security image 0

The DNS hijack took advantage of weaknesses in centralized domain registrars, sending users to fake sites that closely resembled the DEXs' original interfaces.

Impacted users described misleading pop-ups

, such as innocent-looking signature requests followed by aggressive prompts to approve NFTs, ETH, and stablecoins. The Aerodrome team

identified the breach

after noticing suspicious domain activity and quickly disabled access to affected domains like aerodrome.finance and aerodrome.box,

advising users to utilize ENS-based mirrors

such as aero.drome.eth.limo. Velodrome issued similar guidance, urging users to avoid centralized domains and use decentralized options

as stated in the report

This event underscores persistent threats in decentralized finance (DeFi), where vulnerabilities in front-end infrastructure—unlike on-chain smart contract exploits—can be targeted without breaching the protocol itself.

Both Aerodrome and Velodrome reassured

that their liquidity pools and protocol reserves were unaffected. Nevertheless, the breach highlights the necessity for stronger domain security, especially for projects dependent on centralized DNS providers.

Aerodrome’s team is currently working with its domain provider, My.box, to investigate the incident and

has called for immediate support

to address the problem. The DEX also

suggested using tools like Revoke.cash

so users can remove recent token permissions and reduce the risk from any lingering malicious access.

The coordinated nature of this attack raises alarms about broader weaknesses in domain management, suggesting that other DeFi platforms could face similar risks. As the sector continues to move toward decentralization, dependence on centralized DNS remains a major concern.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops

Lock your assets and earn 10%+ APR

Lock now!

- Grayscale's Zcash ETF filing highlights growing institutional interest in privacy coins, with ZEC surging over 1,000% year-to-date. - BNB's price decline below $900 contrasts with Zcash's rise, exposing divergent crypto market dynamics between privacy and utility tokens. - Securitize's EU-approved tokenized securities platform on Avalanche aims to digitize $18 trillion in assets by 2033, pending regulatory alignment. - ALT5's volatile treasury model and Upbit's $36M hack underscore 2025's dual-edged inno

Bitget-RWA•2025/11/30 21:46

Zcash Latest Updates: Crypto in 2025—The Paradox of Progress Amid Rising Regulatory and Security Hurdles

The Influence of City Infrastructure Funding on the Value of Commercial Properties: Insights from Webster, NY

- Webster , NY, transformed a 300-acre brownfield into a high-tech industrial hub using FAST NY and BOA grants. - Infrastructure upgrades like road realignment and power modernization boosted industrial demand, slashing vacancy rates to 2%. - Public-private partnerships enabled $650M projects like fairlife® dairy, creating 250 jobs and raising residential property values by 10.1%. - Strategic rezoning and wastewater upgrades diversified Webster’s economy, positioning it as a logistics hub near Buffalo’s tr

Bitget-RWA•2025/11/30 21:44

The Influence of City Infrastructure Funding on the Value of Commercial Properties: Insights from Webster, NY

GeeFi’s Practical Ecosystem Challenges Avalanche’s Speculative Ambitions

- Avalanche (AVAX) fell to $14.94, with short-term volatility and long-term $326/2031 forecasts, contrasting GeeFi (GEE)'s $0.05 presale surge. - GeeFi's $300K+ presale (6.2M tokens sold) highlights its 3,900% ROI potential via a multi-chain wallet and 55% APR staking. - GEE's deflationary model and real-world crypto tools (DEX, spending card) challenge AVAX's speculative reliance on network upgrades. - With 80% Phase 1 completion and 700+ investors, GeeFi's urgency contrasts Avalanche's stagnant $13–$14 s

Bitget-RWA•2025/11/30 21:32

GeeFi’s Practical Ecosystem Challenges Avalanche’s Speculative Ambitions

PENGU Token's Technical Surge and Changing Market Sentiment: A Brief Momentum Opportunity Among Altcoins

- PENGU Token offers high-risk, high-reward potential for short-term momentum traders, driven by technical indicators and ecosystem growth. - Structural risks like regulatory uncertainty and declining NFT demand pose significant challenges to its volatility-driven strategy. - Traders are advised to use tight stop-loss orders and position sizing, treating PENGU as a speculative, short-term play. - The upcoming Cboe ETF decision will be pivotal in determining PENGU's transition from volatile altcoin to viabl

Bitget-RWA•2025/11/30 21:28