COMPOUND FINANCE

DESCRIPTION OF EVENTS

"Compound Finance is one of the most widely used protocols in the DeFi ecosystem. Deployed on Ethereum, its purpose is to issue automatic, permissionless loans of Ether and various ERC20 tokens. As of February 2022, the protocol held more than $10 billion in assets across 18 markets."

"To invest in Compound, users deposit Ether or supported ERC20 tokens into one of the protocol’s markets. In exchange, they receive cTokens for that market, with which they can redeem their investment. Compound’s cTokens are differentiated and denominated according to the underlying asset. For example, investors who deposit Ether (ETH) receive cETH tokens, which are redeemable for ETH. Similarly, investors who deposit USDC receive cUSDC tokens, which are redeemable for USDC, and so on. In addition to being redeemable for the underlying asset, cTokens can be traded according to their market value."

"The total value of each market increases as funds are lent out and repaid. As the value held in a market grows, the cTokens for that market increase in value and can be redeemed for more of the underlying asset. In this way, investors accrue interest. When the protocol operates as intended, the value of a cToken relative to its underlying asset should only increase, i.e., only positive interest rates should be possible."

"Compound DAO security advisor Michael Lewellen tweeted that the Compound Finance official website (http://compound.finance) has been compromised and is currently hosting a phishing site. Do not interact with the site until further notice."

"ALERT: The http://compound.finance URL has been compromised and is currently hosting a phishing site. DO NOT interact with the http://compound.finance website until further notice.

The Compound protocol itself is not impacted and all smart contract funds are safe."

"URGENT: The Compound Labs website (compound[.]finance) has been compromised.

Please do not visit the website or clink any links until further notice. An update will be provided when available."

"BREAKING: Multiple cryptocurrency platforms tied to Squarespace, including Compound Finance and Celer Network, reported security breaches affecting their websites.

The breach appears to be a DNS attack, adding to the long list of crypto hacks so far in 2024."

"Security advisor to the Compound DAO, Michael Lewellen, posted a community alert via X (formerly Twitter), urging users to avoid the platform’s website. Compound Finance confirmed the attack 90 minutes later. The breach was highlighted earlier by ZachXBT via Telegram."

Explore This Case Further On Our Wiki

Compound Finance is one of the most popular decentralized finance protocols for loans. They used SquareSpace as their domain registrar. Early in the morning of July 11th, their domain was hijacked, and pointed users to a malicious wallet draining application. They are among a few domains hosted on SquareSpace which were hijacked. It is unclear how many users were drained from this attack.

SlowMist Hacked - SlowMist Zone (Jul 11)
@LewellenMichael Twitter (Jul 15)
@compoundfinance Twitter (Jul 15)
@Mayhall_ Twitter (Jul 15)
@blockaid_ Twitter (Jul 15)
@ThePulseWallet Twitter (Jul 15)
@0xngmi Twitter (Jul 15)
@DanKazenoff Twitter (Jul 15)
@_mwc Twitter (Jul 15)
Compound Finance and Celer Network websites compromised in ‘front-end’ attacks (Jul 15)
@PelehSergii Twitter (Jul 15)
@MLion_AI Twitter (Jul 15)
@TheBlokTalk Twitter (Jul 15)
@ankitav Twitter (Jul 15)

More case studies

OpSec Staking Security
Private Key Breach

Smart Bank Token (SBT)
Contract Drained