BSCN

Celer Network Multi-chain Bridge Faces DNS Exploit

by BSCN

August 18, 2022

Investigations are ongoing, and the platform has asked users to check and revoke several contracts related to the hack.

cBridge Suffers DNS Exploit

A suspected DNS exploit has forced blockchain interoperability platform, Celer Network, to temporarily shut down activity on part of its multi-chain bridge, cBridge.

Initial investigations by Celer Network show that some suspicious DNS activity on the cBridge began around 19:00pm UTC on August 17. The platform believes that the exploit is designed to lure users into interacting with some compromised smart contracts and drain users' crypto assets in the process.

📢📢📢We are seeing reports that reflects potential DNS hijacking of cbridge frontend. We are investigating at the moment and please do not use the frontend for bridging at the moment.
— CelerNetwork (@CelerNetwork) August 17, 2022

While the platform continues its investigations, it shut down aspects of the cBridge frontend user interface as an interim measure to protect users.

In addition, Celer alerted users to revoke any token approvals they gave to the following smart contracts:

Ethereum: 0x2A2aA50450811Ae589847D670cB913dF763318E8
BSC: 0x5895da888Cbf3656D8f51E5Df9FD26E8E131e7CF
Polygon: 0x9c8b72f0d43ba23b96b878f1c1f75edc2beec9f9
Avalanche: 0x9c8B72f0D43BA23B96B878F1c1F75EdC2Beec9F9
Arbitrum: 0x9c8B72f0D43BA23B96B878F1c1F75EdC2Beec9F9
Astar: 0x9c8B72f0D43BA23B96B878F1c1F75EdC2Beec9F9
Aurora: 0x9c8b72f0d43ba23b96b878f1c1f75edc2beec9f9

To revoke approvals, users need to visit the token approval page of each network's blockchain explorer. Users on BNB Chain can use the BSC News guide, and the process is similar on other networks.

📢📢📢If you recently used cBridge, please make sure to check and revoke any token approval for the following contracts:
Ethereum: 0x2A2aA50450811Ae589847D670cB913dF763318E8
BSC: 0x5895da888Cbf3656D8f51E5Df9FD26E8E131e7CF
(cont' in next thread) https://t.co/HJbCxq4RqN
— CelerNetwork (@CelerNetwork) August 17, 2022

The use of cross-chain bridges like cBridge is quite popular perhaps because of its convenience. However, there have been concerns about their possible security vulnerabilities; Ethereum's founder, Vitalik Buterin, famously called them out in a tweet earlier this year:

My argument for why the future will be *multi-chain*, but it will not be *cross-chain*: there are fundamental limits to the security of bridges that hop across multiple "zones of sovereignty". From https://t.co/3g1GUvuA3A: pic.twitter.com/tEYz8vb59b
— vitalik.eth (@VitalikButerin) January 7, 2022

Celer Network is currently investigating the full extent of the DNS exploit. BSC News will bring you the news as more details emerge.

What is Celer Network:

Celer Network is the leading inter-blockchain and cross-layer communication platform in the industry. The protocol offers fast, secure, and cheap bridging between multiple chains. The Celer ecosystem comprises three unique products: inter-chain Message Framework, cBridge, and Layer2.Finance.

Where to find Celer Network:

Website | Twitter | Telegram | Discord | Blog

Don’t forget to download the BSC News mobile application on iOS and Android to keep up with all the latest news for BNB Chain and crypto!

Follow us on Twitter and Instagram!

If you need tools and strategies regarding safety and crypto education, be sure to check out the Tutorials, Cryptonomics Explainers, and Trading Tool Kits from BSC News.

Check out the Web3Wire Linktree to keep up with all relevant Web3 and Crypto!

Looking for a job in crypto? Check out the CryptoJobsNow!