UNKNOWN

MARCH 2021

GLOBAL

PANCAKESWAP

DESCRIPTION OF EVENTS

"PancakeSwap is a decentralized exchange (DEX) on the Binance Smart Chain (BSC), which uses permissionless liquidity pools run by algorithms. This creates what is known as an automated market maker (AMM)."


"Earlier today, a similar service called Cream Finance said its DNS (domain name service) had been "compromised by a third party." PancakeSwap’s Twitter account then confirmed that it had been attacked through the same mechanism."


"Your funds are only at risk if you enter your private key or seed phrase into the hijacked site." "DO NOT go to the Pancakeswap site until we confirm it is all clear. NEVER EVER input your seed phrase or private keys on a website."


"We have regained access to the DNS. Some users might still be affected, depending on their DNS resolution as some propagation time may be needed."

PancakeSwap's exchange itself is a set of smart contracts on Binance Smart Chain, and those contracts were not what was attacked. Most users, however, reach the contracts through one centrally hosted website, and that website is a single point of failure that the decentralization of the contracts does nothing to protect.


The website was compromised through DNS: the domain's records were altered so that the name resolved to a server run by the attacker. Users who typed the correct address still landed on the attacker's page, with the genuine domain showing in the address bar. According to Cream Finance, the attacker did this through a compromise at GoDaddy, the domain registrar, rather than through the projects' own servers.


The attacker's server presented a look-alike of the PancakeSwap site that asked users to enter their private key or seed phrase. A genuine DEX front end never needs these: transactions are signed inside the user's wallet, and the site only asks the wallet to approve them. It is not known how many users entered their keys.

HOW COULD THIS HAVE BEEN PREVENTED?

In general, most users have been taught not to enter their seed phrase on any website, DNS hijacking incidents are relatively rare, and only a small portion of a platform's users interact with its site during the window in which the hijack is live.


This type of situation is likely best dealt with through user education, better training for platform operators in domain name security (multi-factor authentication and transfer/update locks on the registrar account, registry lock where the TLD offers it, and monitoring of what the domain actually resolves to from outside the operator's network, so that a hijack is detected within minutes rather than when users report it), and a fund set up to assist users in the event of losses.
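The two technical points above, the hijack mechanism (DNS records changed at the registrar so the name resolves to the attacker's server, with some resolvers still serving the bad answer after the fix) and the domain security measures an operator should have, can be made concrete with a small monitor. The following is an added example written for this page; it is not code from PancakeSwap, Cream Finance or the Quadriga Initiative. It compares the answers several public resolvers give for the domain (as produced by `dig +short`) against the A and NS records the operator knows are correct, reports which resolvers are hijacked or still stale, and parses WHOIS "Domain Status:" lines to check for registrar and registry locks. All IP addresses, hostnames and WHOIS text are constructed for the example (RFC 5737 documentation ranges), not PancakeSwap's real records.

```python
"""Added example: DNS hijack monitor and registrar lock check for a dapp front end.

Constructed sample data only; not the real records of any project.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class ExpectedRecords:
    a: frozenset   # addresses of the real front-end hosts
    ns: frozenset  # authoritative nameservers the operator set at the registrar


@dataclass(frozen=True)
class Finding:
    resolver: str
    kind: str      # "ok", "hijacked", "stale" or "unresolved"
    detail: str


def parse_dig_short(output: str) -> set:
    """Turn `dig +short` output (one record per line) into a normalised set.
    Trailing dots and case are dropped so nameserver names compare equal."""
    return {ln.strip().rstrip(".").lower() for ln in output.splitlines() if ln.strip()}


def assess(resolver, a_out, ns_out, expected, registrar_restored=False):
    """Classify one resolver's view of the domain.

    NS records that are not the operator's mean the delegation itself was changed
    at the registrar (the mechanism in this incident); wrong A records with the
    correct NS mean the zone was edited at the DNS host. Once the operator has
    restored the records, a resolver still serving the old answer is "stale":
    its users stay exposed until the cached record's TTL expires.
    """
    observed_a = parse_dig_short(a_out)
    observed_ns = parse_dig_short(ns_out)
    bad_ns = observed_ns - expected.ns
    bad_a = observed_a - expected.a
    kind = "stale" if registrar_restored else "hijacked"
    if bad_ns:
        return Finding(resolver, kind, f"unexpected nameservers {sorted(bad_ns)} (delegation changed)")
    if bad_a:
        return Finding(resolver, kind, f"unexpected addresses {sorted(bad_a)} (zone records changed)")
    if not observed_a:
        return Finding(resolver, "unresolved", "no A records returned")
    return Finding(resolver, "ok", "A and NS match expected records")


def run_monitor(answers, expected, registrar_restored=False):
    """answers: {resolver_ip: (dig_a_output, dig_ns_output)}. Returns one Finding
    per resolver so the operator can see which user populations are affected."""
    return [assess(r, a, ns, expected, registrar_restored) for r, (a, ns) in answers.items()]


# --- registrar / registry locks from WHOIS "Domain Status:" lines --------------
# client* codes are set by the registrar and can be removed by whoever controls
# the registrar account; server* codes (registry lock) need an out-of-band
# process with the registry, so a stolen registrar login alone cannot clear them.
CLIENT_LOCKS = {"clienttransferprohibited", "clientupdateprohibited", "clientdeleteprohibited"}
REGISTRY_LOCKS = {"servertransferprohibited", "serverupdateprohibited", "serverdeleteprohibited"}


def parse_whois_status(whois_text: str) -> set:
    """Collect EPP status codes from lines like
    'Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited'."""
    codes = set()
    for line in whois_text.splitlines():
        key, _, value = line.partition(":")
        if key.strip().lower() == "domain status" and value.split():
            codes.add(value.split()[0].lower())
    return codes


def check_domain_locks(whois_text: str) -> dict:
    codes = parse_whois_status(whois_text)
    return {
        "missing_client_locks": sorted(CLIENT_LOCKS - codes),
        "registry_lock": REGISTRY_LOCKS <= codes,
    }


# --- constructed sample data (documentation IP ranges, fictional hostnames) ------
EXPECTED = ExpectedRecords(
    a=frozenset({"203.0.113.10", "203.0.113.11"}),
    ns=frozenset({"ns1.example-dns.net", "ns2.example-dns.net"}),
)
SAMPLE_ANSWERS = {
    "1.1.1.1": ("203.0.113.10\n203.0.113.11\n", "ns1.example-dns.net.\nns2.example-dns.net.\n"),
    "8.8.8.8": ("198.51.100.7\n", "ns1.attacker-dns.example.\n"),                     # delegation hijacked
    "9.9.9.9": ("198.51.100.7\n", "ns1.example-dns.net.\nns2.example-dns.net.\n"),    # NS fine, bad A cached
}
SAMPLE_WHOIS = """Domain Name: EXAMPLE-DEX.EXAMPLE
Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
"""

if __name__ == "__main__":
    for f in run_monitor(SAMPLE_ANSWERS, EXPECTED):
        print(f"{f.resolver:<10} {f.kind:<10} {f.detail}")
    print(check_domain_locks(SAMPLE_WHOIS))
```

To use this against a live domain, feed `run_monitor` the output of `dig +short @<resolver> <domain> A` and `dig +short @<resolver> <domain> NS` for a handful of resolvers (the public ones your users actually use) on a short schedule, alert on any finding that is not "ok", and after a recovery keep polling until every resolver reports "ok" rather than "stale". The lock check is a one-off hygiene test: a missing `clientUpdateProhibited` means a stolen registrar login can change the nameservers without any further hurdle.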


Check Our Framework For Safe Secure Exchange Platforms

Sources And Further Reading

 For questions or enquiries, email info@quadrigainitiative.com.


© 2021 Quadriga Initiative. Your use of this site/service accepts the Terms of Use and Privacy Policy. This site is not associated with Ernst & Young, Miller Thompson, or the Official Committee of Affected Users. Hosted in Canada by HosterBox.