Compound Finance confirms hack, warns users of phishing from website

The DeFi protocol has warned its users not to visit the official site as a phishing attack redirects to malicious sites.

compound finance hack illustration

Key Takeaways

  • Compound Finance's primary domain was hijacked, and currently redirects to a phishing site.
  • Despite the website compromise, Compound protocol and smart contract funds remain secure.

Share this article

Compound Labs issued an urgent warning via its official X account at 5:15 AM EDT on July 11, confirming that a hack on their compound[.]finance site has occurred.

Compound Security Advisor Michael Lewellen confirmed the breach on X, advising users to not interact with the Compound Finance website until further notice. Lewellen stated that while the website has been compromised, the Compound protocol remains unaffected, and all smart contract funds are secure.

The incident appears to be a sophisticated phishing attack involving domain hijacking. The legitimate Compound Finance website has been replaced with a fraudulent site designed to steal user information and potentially their digital assets.

Prior to the confirmation from Compound, onchain investigator ZachXBT issued a warning on Investigations, his crypto community Telegram channel, to avoid using the Compound Finance website due to it redirecting to a scam site compound-finance[.]app. The warning from ZachXBT was sent at 2:48 AM EDT. It remains unclear whether the gap between ZachXBT’s initial disclosure and the confirmation by the protocol has resulted in significant damages.

This breach follows a previous security incident last year where Compound Finance’s X account was hacked and used to promote a phishing site, resulting in a reported loss of approximately $4.4 million LINK tokens.

Share this article