DeFi platforms PancakeSwap, Cream Finance hit by domain name system hijacks

UPDATE: Cream Finance announced on Twitter that it has regained control of its DNS. "These sites are now safe to use. Thank you for your patience as we are [sic] continue to monitor this situation," the project team said.

DeFi platforms PancakeSwap and Cream Finance warned users on Monday that they were hit by domain name system (DNS) hijackings.

The strong warnings were issued on social media in a bid to keep users from falling victim to dual schemes to collect private keys or seed phrases from would-be victims. Such information obtained by this kind of phishing scheme would then allow a hacker to then steal funds from affected users.


As of press time, PancakeSwap has said that it has regained access to its DNS. Cream Finance appeared to be in the process of seeking DNS access, pointing users toward an alternative address in the meantime.

A DNS hijacking allows an attacker to present a fraudulent web portal to visiting users, often aimed at collecting personal information -- in this case, the private keys needed to steal their funds. The U.S. government and private security firms have issued warnings in recent years about such attacks, as noted in a 2019 report by Krebs On Security. 

This is a developing story and will be updated as new information becomes available.