Breaking Several Binance Smart Chain Projects Under DNS Attack

2 mins
15 March 2021, 16:11 GMT+0000
Updated by Anirudh Tiwari
15 March 2021, 16:11 GMT+0000
In Brief
  • Several DeFi projects on the Binance Smart Chain are under a DNS attack, including Pancake Swap and Cream.
  • Cream first reported their Domain Name System had been compromised by a third-party.
  • PancakeSwap then confirmed they had been DNS hijacked, prompting an announcement from Binance CEO Changpeng Zhao.
  • promo

Several Decentralized Finance (DeFi) projects on the Binance Smart Chain announced that they are under a Domain Name System (DNS) attack.

A DNS attack can take several forms. However, the affected platforms have reported facing a DNS hijacking on the Binance Smart Chain. In this instance, their domain names have been hijacked, resulting in the internet traffic being diverted to an unknown destination.

Cream Hijacked

First, Cream Finance tweeted that a third party had compromised its DNS. It explained that some of its users were seeing requests for their seed phrases. Seed phrases are commonly used to recover wallets.

It is often warned that seed phrases should never share them with third-parties, who would then have access to the user’s wallet. “We will never ask you to submit any private key or seed phrases,” the tweet from Cream emphasized.

PancakeSwap Suspected, Confirmed

Shortly after that, PancakeSwap reported that they might have been hijacked as well, similar to Cream. They recommended not using their site until it was confirmed. Within a few minutes, PancakeSwap confirmed that their DNS had been hijacked as well. They also emphasized to “NEVER EVER input your seed phrase or private keys on a website.”

Binance Takes Notice

As PancakeSwap is the largest DeFi platform on Binance’s Smart Chain (BSC), it was only a matter of time before they were alerted to the attack. Binance CEO Changpeng Zhao then took to Twitter to announce that the attack was taking place.

In reply to CZ’s tweet, a Twitter user shared an image of trying to access the PancakeSwap domain. The picture shows a warning that the connection was not private and that attackers might steal the user’s information via the PancakeSwap domain.

Unfortunately, this isn’t the first instance of cyberattacks against projects on the Binance Smart Chain. Last month, Cream acknowledged that a hacker had been able to steal $37.5 million before they were able to cut him off. Recently, Binance Smart Chain has become a serious competitor to Ethereum due to its high gas fees. However, ongoing security issues may compromise that ambition.


BeInCrypto has reached out to company or individual involved in the story to get an official statement about the recent developments, but it has yet to hear back.