Crypto Investigator Warns of Hijacked Compound Finance Website and Phishing Threat

Crypto investigator ZachXBT has alerted users to avoid the Compound Finance website due to a suspected hijacking.

On July 11, ZachXBT shared on Telegram that the website is redirecting to a newly registered phishing site, presenting a significant security risk.

A member of the Compound Finance team confirmed the breach, advising users to steer clear of the site to prevent potential losses of personal data and funds.

Michael Lewellen, security adviser at the Compound Finance DAO, confirmed that the URL has been compromised and is now hosting a phishing site.

He cautioned users against interacting with the site but assured that the protocol itself and the smart contract funds are secure.

Cointelegraph reached out to the Compound Labs team for comments but has not yet received a response.

This is not the first security incident for Compound Finance. In 2023, the decentralized finance (DeFi) protocol’s official X account was hacked.

READ MORE: European Central Bank Explores Blockchain for Digital Currency with Successful Liquidity Matching Experiment

Similar to the recent incident, hackers used the company’s social media to promote a phishing site.

At the time, the account advertised free crypto tokens, urging users to click a link mimicking the protocol’s official site. The scam was quickly identified and flagged.

Cybersecurity blogger Officer’s Notes and blockchain security platform Scam Sniffer confirmed that the account had posted phishing links.

On December 30, 2023, the Compound Labs team reported that their account had been compromised for four hours before they managed to recover it and remove the spam messages.

On April 4, CertiK CEO co-founder Ronghui Gu urged the community to prepare proactively for attacks as the market grows.

The company observed that phishing attacks in the crypto space had reached alarming levels.

On July 3, CertiK reported that losses in crypto security incidents totaled $1.19 billion in the first half of 2024, with nearly $498 million attributed to phishing attacks.

Gu emphasized the need for multifactor authentication and improved security practices in response to these escalating threats.

To submit a crypto press release (PR), send an email to sales@cryptointelligence.co.uk.