BNB -0.15%
BTC 0.03%
DOGE -1.46%
ETH -0.48%
PEPE -8.24%
XRP -0.82%
SHIB -1.54%
SOL -0.90%
Best Crypto Poker

Another DeFi Hack: PancakeSwap, Cream Finance Websites Compromised

Linas Kmieliauskas
Last updated: | 1 min read

At least two major decentralized finance (DeFi) projects – Pancakeswap (CAKE) and Cream Finance (CREAM) – on Monday, urged their users to stay away from their websites that were hit with so-called DNS-hijacks. (Updated at 16:32 UTC: updates throughout the entire text. Updated on March 16, 05:21 UTC with a comment from Cream Finance.)

Source: Adobe/Negro Elkha

At 16:03 UTC, PancakeSwap said that they regained access to the DNS.

“Some users might still be affected, depending on their DNS resolution as some propagation time may be needed,” they said, promising more updates soon.

Meanwhile, Cream Finance, at 16:16 UTC, said they have purchased and deployed to, claiming that this site is safe to use. Later, they confirmed that they have also regained control of DNS and “everything is back to normal on and” – “these sites are now safe to use.”

“Your funds are only at risk if you enter your private key or seed phrase into the hijacked site,” PancakeSwap said on Monday.

Cream Finance also confirmed that their “DNS has been compromised by a third party; some users are seeing requests for seed phrase on DO NOT enter your seed phrase.”

“A number of DeFi projects are under DNS hijack attack. Pancake, Cream, etc. Please be VERY VERY careful and not use them until they recover the situation,” Binance CEO Changpeng Zhao warned.

Learn more:
Hack Sunday: NFT Theft Follows a Personal Token Attack
Crypto Security in 2021: More Threats Against DeFi and Individual Users