Decentralized Exchanges Velodrome and Aerodrome Face Frontend Security Breach

Decentralized exchanges (DEX) Velodrome and Aerodrome have issued urgent warnings to their users after falling victim to an attack that compromised the security of their websites. 

Both platforms have advised users not to interact with their sites until further notice as investigations into the full extent of the breach continue.

The assailants apparently targeted the Domain Name System (DNS), a fundamental protocol crucial for the seamless functioning of websites.

‍

Response and Ongoing Investigations

While the DNS is a widely used and reliable system, vulnerabilities can be exploited by attackers to execute malicious actions. On-chain detective ZachXBT disclosed that funds stolen during the incident have been traced to specific addresses. 

Reports indicate over $40,000 in funds have been transferred to two identified addresses. Velodrome and Aerodrome, however, assured users that protocol funds are safe. While using Velodrome, one user encountered a "weird" message and advised others to be vigilant. 

Velodrome, currently holding the second-largest decentralized exchange protocol position on OP Mainnet in terms of total value locked and revenue has over $139 million in locked value. Meanwhile, Aerodrome leads as the largest protocol on Base by total value locked, with a figure surpassing $62 million.