Celer Network, an interoperability platform that interconnects different blockchains, has issued a warning to its users due to a DNS security threat. In a tweet, the platform noted that it discovered some dubious DNS traffic yesterday evening, and its team is still trying to find the root of the problem, which points to DNS hijacking. As a result, the platform requested its users to cancel any active smart contract approvals. The network has already disabled its cBridge to prevent more user damage.
According to Celer Network, users should cancel any token access they had given to smart contracts on major chains such as Polygon, Ethereum, Astar, and Avalanche. However, the security alert heavily affects those who “recently used cBridge.”
To revoke the rights, users must visit a network’s token approval interface and do it manually as they await a full audit of what went wrong.
In a Twitter thread, Celer Network explained that the DNS security threat involves malicious individuals hijacking the platform’s user interface to “redirect users” to steal their tokens. Some community members thanked the network for giving them a heads up.
For example, @EthLdgr wrote, “Ok, so I should be safe, thanks for the heads up. Sorry to everyone this has affected.”
However, others took the opportunity to open the decentralized finance (DeFi) security topic. @max_icee wished that the Celer team could fix the issue, adding that “DeFi always has been lacking on security.”
The Celer Network DNS hijacking comes roughly eight months after Vitalik Buterin, Ethereum’s co-founder, observed that bridges linking multiple blockchains have critical security flaws. Buterin also noted that the future has a place of various chains but not cross-chains. In 2022, cross-chain security breaches have led to the loss of approximately two billion USD and accounted for nearly 70 percent of all crypto stolen this year.