Haciyev Reşit 
Aerodrome Finance, a decentralized exchange operating on Base, has issued an urgent warning after a potential security breach was detected on its front-end interface. The team has asked users not to access the platform through any centralized domain names until the investigation is complete. The alert aims to limit the impact of a possible DNS hijacking attack, which could put user funds at serious risk.
Centralized Domains Compromised, Decentralized Mirrors Safe
The Aerodrome team confirmed that centralized domains ending with .finance and .box may have been taken over by attackers. As a result, users are advised not to visit the platform through these addresses.
However, two decentralized access points remain safe:
- drome.eth.limo
- drome.eth.link
The team stated that the smart contract infrastructure appears secure and that the attack is limited to the front-end layer. Updates will be shared as the investigation progresses. Around the same time, Velodrome Finance also reported a similar attack, raising concerns that this may be part of a larger, coordinated DNS operation.
Reports from community members suggest the impact is severe. One user claimed that over $1 million in assets were stolen in under an hour during the Aerodrome and Velodrome attacks. Others reported visiting the site and receiving unlimited approval requests for NFT, ETH, and USDC spending, even without initiating any transactions. This indicates that the attack involves aggressive, automated approval manipulation.
DNS Attack Sparks Debate: Response From the Co-Founder
Aerodrome’s co-founder and Dromos Labs CEO, Alexander Cutler, criticized mocking comments made by another project while the attack was still ongoing. Cutler emphasized that decentralized domain mirrors were unaffected, the 3DNS infrastructure is protected by multisig, and the teams are working intensively to resolve the issue.
Cutler highlighted that opportunism has no place in industry competition:
“The first rule of building in DeFi is not to exploit DNS attacks—especially those outside a team’s control—to belittle other projects.”
Hackers Are Faster Than Ever: New Report Raises Alarm
A new report from Global Ledger shows that crypto attacks in 2025 have become significantly faster and more aggressive. Over $3 billion in assets were stolen in the first quarter alone, and in most cases, the funds were laundered within minutes.
Centralized exchanges remain a major weak point:
- Around 15% of laundered funds pass through CEXs
- Compliance teams often have only a few minutes to block suspicious transactions
- Over half of this year’s total losses originated from CEX-related incidents
The report underscores the urgent need for real-time threat monitoring and rapid intervention.
Aerodrome Attack Sends a New Warning to the Industry
The attack on Aerodrome Finance highlights once again how vulnerable platforms linked to centralized domain names can be. The fact that decentralized mirror domains remained safe demonstrates the importance of infrastructure diversity in the Web3 ecosystem.
As the investigation continues, users are strongly advised to:
- Use only the verified, decentralized access points
- Avoid any centralized domains
- Carefully check all approval requests before confirming
The incident serves as a stark reminder that security risks in DeFi are evolving rapidly — and vigilance is more important than ever.
You can also freely share your thoughts and comments about the topic in the comment section. Additionally, don’t forget to follow us on our Telegram, YouTube, and Twitter channels for the latest news and updates.