BusinessPostCorner.com
No Result
View All Result
Friday, July 3, 2026
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
BusinessPostCorner.com
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources
No Result
View All Result
BusinessPostCorner.com
No Result
View All Result

Base’s Top DEX Aerodrome Hit by a Suspected Frontend Security Breach

November 22, 2025
in Crypto News
Reading Time: 5 mins read
A A
0
Base’s Top DEX Aerodrome Hit by a Suspected Frontend Security Breach
ShareShareShareShareShare

Crypto Journalist

Anas Hassan

Crypto Journalist

Anas Hassan

About Author

Anas is a crypto native journalist and SEO writer with over five years of writing experience covering blockchain, crypto, DeFi, and emerging tech.

Share

Last updated: 

November 22, 2025

Base’s Top DEX Aerodrome Hit by a Suspected Frontend Security Breach

Aerodrome Finance, the leading decentralized exchange on the Base network, confirmed it is investigating a suspected DNS hijacking attack that compromised its centralized domains.

The protocol warned users to avoid accessing its primary .finance and .box domains and instead use two secure decentralized mirrors hosted on ENS infrastructure.

The attack unfolded rapidly, with affected users reporting malicious signature requests designed to drain multiple assets, including NFTs, ETH, and USDC, through unlimited approval prompts.

While the team maintains that all smart contracts remain secure, the frontend compromise exposed users to sophisticated phishing attempts that could have drained wallets for those who weren’t carefully monitoring transaction approvals.

We’re actively investigating a frontend compromise.

Please do not access the site through any URL — primary domain or decentralized mirrors — until we confirm everything is safe.

All smart contracts appear secure. Updates soon.

— Aerodrome (@AerodromeFi) November 22, 2025

DNS Hijacking Forces Emergency Protocol Lockdown

Aerodrome’s investigation began when the team detected unusual activity on its primary domain infrastructure approximately six hours before issuing public warnings.

The protocol immediately flagged its domain provider, Box Domains, as potentially compromised and urged the service to reach out urgently.

Within hours, the team confirmed that both centralized domains, .finance and .box, had been hijacked and remained under attacker control.

The protocol responded by shutting down access to all primary URLs while establishing two verified safe alternatives: aero.drome.eth.limo and aero.drome.eth.link.

These decentralized mirrors leverage the Ethereum Name Service, which operates independently of traditional DNS systems that are vulnerable to hijacking.

The team emphasized that smart contract security remained intact throughout the incident, containing the breach exclusively to frontend access points.

Sister protocol Velodrome faced similar threats, prompting its team to issue parallel warnings about domain security.

The coordinated nature of the warnings suggested that attackers may have systematically targeted Box Domains’ infrastructure to compromise multiple DeFi platforms simultaneously.

Users Report Aggressive Multi-Asset Drain Attempts

One affected user described encountering the malicious interface before official warnings circulated, detailing how the compromised site deployed a deceptive two-stage attack.

The hijacked frontend first requested what appeared to be a harmless signature containing only the number “1,” establishing initial wallet connection.

Immediately after this seemingly innocuous request, the interface triggered an unlimited number of approval prompts for NFTs, ETH, USDC, and WETH.

“It asked for a simple signature, then instantly tried unlimited approvals to drain NFTs, ETH, and USDC,” the user reported. “If you weren’t paying attention, you could’ve lost everything.”

The victim documented the attack through screenshots and video recordings, capturing the progression from initial signature request through multiple drain attempts.

Before these unlimited approval prompts, the hijacked site first asked me to sign a harmless-looking message with just “1”.
Right after, it triggered approvals to drain NFTs, ETH, USDC, WETH, everything.
If you weren’t paying attention, you could lose your whole wallet instantly. pic.twitter.com/bJxFazMEvn

— Mynimal Monster (@MynimalM) November 22, 2025

Their investigation, conducted with AI assistance, examined browser configurations, extensions, DNS settings, and RPC endpoints before concluding that the attack pattern aligned with DNS hijacking methodology.

Another community member shared an experience with a separate, draining incident recently, describing themselves as a seasoned veteran and full-stack developer who still fell victim to sophisticated attacks.

Despite technical expertise, the user lost significant funds and spent 3 days developing a Jito bundle-based script to recover roughly 10-15% of the stolen assets through on-chain stealth operations.

October Records Lowest Crypto Hack Losses of the Year

The Aerodrome incident emerged during October’s unexpected security milestone, as the crypto market experienced its lowest monthly hack losses of the year.

Data from blockchain security firm PeckShield shows only $18.18 million was stolen across 15 separate incidents, representing a steep 85.7% decline from September’s $127.06 million.

Without the late-month Garden Finance exploit, total losses would have hovered near $7.18 million, the lowest single-month value since early 2023.

The largest incidents occurred at Garden Finance, Typus Finance, and Abracadabra, which collectively accounted for $16.2 million of total stolen funds.

Garden Finance, a Bitcoin peer-to-peer protocol, disclosed on October 30 that it had been exploited for more than $10 million after one of its solvers was compromised, with the breach affecting only the solver’s own inventory.

Typus Finance suffered an oracle manipulation attack on October 15 that drained roughly $3.4 million from its liquidity pools, traced to a flaw in one of its TLP contracts that caused the project’s native token to drop about 35%.

DeFi lending platform Abracadabra endured its third exploit since launch around the same time, resulting in roughly $1.8 million in MIM stablecoin losses after hackers bypassed solvency checks through a smart contract vulnerability.



Credit: Source link

ShareTweetSendPinShare
Previous Post

Saylor Dismisses Stablecoin Threat to Bitcoin’s $1.2M Path

Next Post

Does $241M in Whale Accumulation Signal a Reversal?

Next Post
Does 1M in Whale Accumulation Signal a Reversal?

Does $241M in Whale Accumulation Signal a Reversal?

XRP Price Prediction: XRP Regains Momentum After Reclaiming Key Support

XRP Price Prediction: XRP Regains Momentum After Reclaiming Key Support

June 30, 2026
Mark Zuckerberg’s Meta AI Predicts Unbelievable Bitcoin Price by the End of 2026

Mark Zuckerberg’s Meta AI Predicts Unbelievable Bitcoin Price by the End of 2026

July 3, 2026
El Salvador Bitcoin Reserve Faces IMF Scrutiny

El Salvador Bitcoin Reserve Faces IMF Scrutiny

June 29, 2026
How the hybrid finance workforce creates new value

How the hybrid finance workforce creates new value

June 29, 2026
Utility boss warns US faces blackouts due to power supply shortfall

Utility boss warns US faces blackouts due to power supply shortfall

June 27, 2026
Ryanair warns of ‘nightmare’ if new EU border checks not delayed

Ryanair warns of ‘nightmare’ if new EU border checks not delayed

July 2, 2026
BusinessPostCorner.com

BusinessPostCorner.com is an online news portal that aims to share the latest news about following topics: Accounting, Tax, Business, Finance, Crypto, Management, Human resources and Marketing. Feel free to get in touch with us!

Recent News

Japan taps Cognition’s ‘Devin-kun’ as legacy code, shrinking workforce opens market for AI coding

Japan taps Cognition’s ‘Devin-kun’ as legacy code, shrinking workforce opens market for AI coding

July 3, 2026
An American birthday worth celebrating

An American birthday worth celebrating

July 3, 2026

Our Newsletter!

Loading
  • Contact Us
  • Privacy Policy
  • Terms of Use
  • DMCA

© 2023 businesspostcorner.com - All Rights Reserved!

No Result
View All Result
  • Home
  • Business
  • Finance
  • Accounting
  • Tax
  • Management
  • Marketing
  • Crypto News
  • Human Resources

© 2023 businesspostcorner.com - All Rights Reserved!