Ethereum Updates: DeFi's Vulnerability Exposed—Centralized DNS Attacks Lead to User Asset Loss

By: Bitget-RWA, 2025/11/23 16:36

- Aerodrome and Velodrome DEXs suffered DNS hijack attacks, redirecting users to phishing sites via compromised registrars like Box Domains.
- Attackers exploited centralized domain vulnerabilities to steal ETH, NFTs, and stablecoins, mirroring a 2023 incident that caused $100K+ losses.
- Platforms urged users to bypass main domains and use decentralized mirrors, highlighting ongoing risks in DeFi's off-chain infrastructure.
- Experts recommend DNSSEC and ENS adoption as solutions, while Dromos Labs plans

Aerodrome, the leading decentralized exchange (DEX) operating on Layer 2 network Base, along with Velodrome, its equivalent on , experienced a DNS hijacking incident early Saturday, which redirected users to fraudulent websites. This breach closely resembled an event from late 2023, highlighting ongoing weaknesses in centralized domain management. Both exchanges assured users that their smart contracts were unaffected, but cautioned against accessing their main domains, such as Aerodrome.finance and Velodrome.finance, recommending instead to .

The attackers exploited flaws in domain registrar systems, enabling them to modify DNS settings and reroute visitors to malicious front-ends. Victims encountered misleading prompts, tricking them into approving transactions that drained their assets, including NFTs, ETH, and stablecoins. Aerodrome indicated that the attackers targeted Box Domains, its registrar, while Velodrome initially reached out to My.box for assistance before withdrawing the statement. Despite the compromise, the phishing sites were taken offline by Saturday afternoon, suggesting that mitigation steps were underway.

Investors were reminded that although on-chain contracts generally remain secure during such incidents, compromised front-ends present serious phishing dangers. "Always confirm contract interactions directly on-chain if the website is down." The 2023 attack on these platforms reportedly resulted in losses exceeding $100,000, with the breach traced back to registrar Porkbun. The recurrence of these attacks underscores the persistent risks associated with centralized DNS, which continues to be a major vulnerability for DeFi projects.

Aerodrome and Velodrome are crucial to their respective blockchain ecosystems. Aerodrome is the primary source of liquidity on Base, while Velodrome serves as a central hub for Optimism’s Superchain. The simultaneous targeting of both DEXs highlights the interconnected risks across ecosystems, as many protocols depend on them for routing and incentives. The incident comes at a sensitive time for Dromos Labs, the team behind Velodrome, which recently revealed plans to merge Aerodrome and Velodrome into a single platform called Aero. This unified protocol, scheduled for launch in Q2 2026, is intended to pool liquidity across both Base and Optimism.

This event has reignited discussions about the importance of off-chain security in DeFi. While smart contracts are often robust, administrative controls and domain registrars remain susceptible to attacks. Experts suggest implementing measures such as DNSSEC, multi-factor authentication for domain accounts, and decentralizing front-ends using IPFS or ENS.
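
The kind of change described above, DNS settings modified at the registrar so that visitors reach a different front-end, shows up as drift between what resolvers return and a pinned known-good state. The Python below is an added example, not code from the article or from either project; the nameserver names, IP ranges and snapshot format are constructed assumptions.

```python
import ipaddress

# Pinned known-good state. Constructed values: .example nameservers and a
# documentation IP range, not the real records of any project.
BASELINE = {
    "aerodrome.finance": {
        "ns": {"ns1.dns-host.example", "ns2.dns-host.example"},
        "a_networks": ["192.0.2.0/24"],
        "dnssec": True,
    },
}

# Constructed resolver snapshots: one normal, one after a hijack.
GOOD = {"ns": ["NS1.dns-host.example.", "ns2.dns-host.example"],
        "a": ["192.0.2.10"], "ad": True}
HIJACKED = {"ns": ["ns1.attacker-dns.example."],
            "a": ["203.0.113.66"], "ad": False}

def check_snapshot(domain, snap, baseline=BASELINE):
    """Compare one observed resolver snapshot with the pinned baseline.

    snap is {"ns": [...], "a": [...], "ad": bool}; "ad" is the resolver's
    Authenticated Data flag (the answer was validated with DNSSEC).
    Returns a list of (severity, message); an empty list means no drift.
    """
    pinned = baseline[domain]
    findings = []
    # Normalise case and the trailing root dot before comparing names.
    seen_ns = {n.lower().rstrip(".") for n in snap["ns"]}
    rogue_ns = seen_ns - pinned["ns"]
    if rogue_ns:
        findings.append(("critical", f"unexpected nameservers: {sorted(rogue_ns)}"))
    nets = [ipaddress.ip_network(n) for n in pinned["a_networks"]]
    for addr in snap["a"]:
        ip = ipaddress.ip_address(addr)
        if not any(ip in net for net in nets):
            findings.append(("critical", f"A record {addr} outside pinned ranges"))
    # A zone that is normally signed but now resolves unvalidated is suspect.
    if pinned["dnssec"] and not snap["ad"]:
        findings.append(("warning", "answer not DNSSEC-validated (AD flag clear)"))
    return findings

if __name__ == "__main__":
    for name, snap in (("good", GOOD), ("hijacked", HIJACKED)):
        print(name, check_snapshot("aerodrome.finance", snap))
```

Whoever controls the registrar account can also change or remove the DS record in the parent zone, so the AD-flag check is a detection signal rather than a guarantee.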
Aerodrome and Velodrome have also recommended that users revoke recent token permissions and utilize services like Revoke.cash to reduce exposure.

Industry responses include the introduction of solutions such as Infoblox’s DNS-based threat protection, which works with AWS to proactively block harmful domains. These approaches may help address the broader challenge of DNS security, as attackers increasingly exploit these weaknesses to circumvent conventional defenses.

For now, users are encouraged to access decentralized mirror sites or interact directly with verified contract addresses. This incident is a stark reminder that, even as DeFi protocols bolster on-chain protections, off-chain vulnerabilities continue to pose significant threats to user assets.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
