Another DeFi Hack: PancakeSwap, Cream Finance Websites Compromised

At least two major decentralized finance (DeFi) projects – Pancakeswap (CAKE) and Cream Finance (CREAM) – on Monday, urged their users to stay away from their websites that were hit with so-called DNS-hijacks. (Updated at 16:32 UTC: updates throughout the entire text. Updated on March 16, 05:21 UTC with a comment from Cream Finance.)

At 16:03 UTC, PancakeSwap said that they regained access to the DNS.

“Some users might still be affected, depending on their DNS resolution as some propagation time may be needed,” they said, promising more updates soon.

Meanwhile, Cream Finance, at 16:16 UTC, said they have purchased and deployed to app.creamfinance.co, claiming that this site is safe to use. Later, they confirmed that they have also regained control of DNS and “everything is back to normal on cream.finance and app.cream.finance” – “these sites are now safe to use.”

“Your funds are only at risk if you enter your private key or seed phrase into the hijacked site,” PancakeSwap said on Monday.

Cream Finance also confirmed that their “DNS has been compromised by a third party; some users are seeing requests for seed phrase on http://app.cream.finance. DO NOT enter your seed phrase.”

“A number of DeFi projects are under DNS hijack attack. Pancake, Cream, etc. Please be VERY VERY careful and not use them until they recover the situation,” Binance CEO Changpeng Zhao warned.

___
Learn more:
– Hack Sunday: NFT Theft Follows a Personal Token Attack
– Crypto Security in 2021: More Threats Against DeFi and Individual Users