
Aping into DeFi? Check for This Scam



Decentralized yield farming projects are engineered to push investors to a fast decision. A one-stop shop set up as a website means anyone with MetaMask or a similar portable wallet can, on impulse, send coins to a smart contract and start earning. Those projects remain popular despite a long string of hacks, exploits and exit scams.

Another type of scam was added to the list after several projects suffered a DNS attack, in which the site was hijacked by malicious hackers. Multiple investors eventually lost their tokens, as the hijacked site required access to private keys.

The most visible hacks hit PancakeSwap and CreamDotFinance, two relatively popular yield farming venues. The hijacked domains left the projects scrambling to move to a new safe location.

CreamDotFinance warns against using any of its old locations, and has purchased a newly protected domain. 

PancakeSwap returned to most of its functionality, warning users to check the DNS status before attempting any operations with the chosen location.

Projects Take a Hit on Prices

One of the faults of DeFi projects is that any exploit severely hurts the market price of their native token. CREAM crashed from a recent peak above $340 to as low as $104. 

The CAKE token lost about 25% of its value, and for now the project looks like it will survive the exploit. Both tokens are usable and the smart contracts remain uncompromised by other types of attack.

Right up until the attacks, the tokens were viewed as potentially breaking out to higher valuations. The protocols keep adding new tokens, and PancakeSwap is a potential alternative to Uniswap, where fees for each trade may be prohibitive.

For CreamDotFinance, this is the second exploit in a month. In February, the project suffered a smart contract exploit, which used a single transaction to drain liquidity pools. Smart contract exploits are the more usual hack for DeFi projects, affecting liquidity pools almost daily.

The price of CREAM continues to slide, threatening to go below $100.

How to Avoid the Fraud

The silver lining is that the DNS attacks had to rely on user behavior to pull off their heist. The tell-tale sign is that the fake sites demand the user’s seed phrase. 

In general, DeFi applications communicate with a user’s public key, and users are not required to share their private key or seed phrase. MetaMask makes sure to transfer tokens without needing access to that data.

In the past, private seed phishing has been performed through: 

  • Fake links to unlocking wallets;
  • Phishing ICO sites stealing assets directly;
  • Links sent through chat groups requiring the user to unlock a wallet with a seed phrase.
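
The tell-tale sign described above, a page that asks for a seed phrase or private key, can be checked mechanically. The following Python scanner is an added example, not code from the article or from either project; the keyword list, the 12/24-box heuristic and the two sample pages are assumptions constructed for illustration.

```python
import re
from html.parser import HTMLParser

# Assumed wording list (not from the article) for prompts that request wallet secrets.
SECRET_TERMS = re.compile(r"seed\s+phrase|recovery\s+phrase|mnemonic|private\s+key", re.I)
WORD_GRID_SIZES = {12, 24}  # assumed: common mnemonic lengths, one box per word


class SeedPromptScanner(HTMLParser):
    def __init__(self):
        super().__init__()
        self.field_hits, self.text_hits, self.text_inputs = [], [], 0
        self._hidden = 0  # depth inside <script>/<style>; that text is never displayed

    def handle_starttag(self, tag, attrs):
        if tag in ("script", "style"):
            self._hidden += 1
        elif tag in ("input", "textarea"):
            a = dict(attrs)
            if tag == "textarea" or (a.get("type") or "text").lower() in ("text", "password"):
                self.text_inputs += 1
            label = " ".join(a.get(k) or "" for k in ("name", "id", "placeholder", "aria-label"))
            if SECRET_TERMS.search(label):
                self.field_hits.append(label.strip())

    def handle_endtag(self, tag):
        if tag in ("script", "style") and self._hidden:
            self._hidden -= 1

    def handle_data(self, data):
        if not self._hidden and SECRET_TERMS.search(data):
            self.text_hits.append(data.strip())


def scan_page(html):
    """Return reasons the page looks like it collects a seed phrase; empty list if none."""
    s = SeedPromptScanner()
    s.feed(html)
    s.close()
    reasons = [f"input labelled as a secret: {h!r}" for h in s.field_hits]
    if s.text_inputs in WORD_GRID_SIZES:
        reasons.append(f"{s.text_inputs} text boxes match a mnemonic word grid")
    if s.text_hits and s.text_inputs:  # a warning with no input box is not a prompt
        reasons.append(f"text next to an input mentions a secret: {s.text_hits[0]!r}")
    return reasons

# Constructed sample pages, not captured from any real site.
CONNECT_PAGE = "<p>We will never ask for your seed phrase.</p><button>Connect Wallet</button>"
ROGUE_PAGE = "<p>Enter your seed phrase to continue</p><textarea placeholder='Secret recovery phrase'></textarea>"
```

`scan_page(CONNECT_PAGE)` returns an empty list because a warning with no input box is not a prompt, while `scan_page(ROGUE_PAGE)` reports both the labelled field and the accompanying text.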

Projects usually take care to warn users that they will never ask for private keys or seed phrases. But 2021 saw many crypto newcomers, who are still not aware of those risks and phishing schemes.

More experienced users almost immediately noticed the rogue connection page, and suggested the frontend of CreamDotFinance had been hacked.

The best approach is to make sure the service is working and using the right address, as well as recognizing the way wallets communicate with DeFi smart contracts. 

Users that lost funds also compromised the wallets used for the two DeFi projects. The best approach when a wallet is compromised is to never use it again to store assets. 

Binance Smart Chain Projects Still Offer Lower Fees

Both PancakeSwap and CreamDotFinance escaped the high transfer fees on Ethereum and built their platforms on Binance Smart Chain. The network is a delegated staking blockchain, which does not incur gas fees, leading to faster and cheaper transactions. 

PancakeSwap was also among the first six projects to receive a $100M acceleration fund from Binance. DeFi projects are resilient, and even after exploits or price crashes, those tokens often return and attract new buyers.

Other Projects May be Affected

Other projects may also carry the risk of faulty sites and unauthorized demands for private keys. The CEO and co-founder of the Binance exchange, Changpeng “CZ” Zhao, added his warning without mentioning specific tokens.

Binance Smart Chain hosts dozens of DeFi projects, with PancakeSwap the most widely used one. The top 10 distributed apps on Binance Smart Chain are all forms of DeFi automated trading venues, revealing the latest trend in crypto to point more resources to yield farming. 

PancakeSwap alone has more than 42,000 users per day, up to five times more than less popular projects. At this point, it is unknown how many users were affected by the DNS hijacking before the project launched its new safe location.
