Celer Network has been forced to shut down activity on its multi-chain cBridge. The firm suspects a possible DNS exploit on the platform, and teams are investigating the issue and have disabled the bridge to protect their crypto assets.
Celer Network took to Twitter and informed the community of the suspicious DNS activity on their cBridge. According to the firm, the dubious activities began at 19:00 UTC on August 17th.
According to the community’s investigation, the attacker’s wallet is estimated to have stolen 128 ETH, valued at $240,000.
According to the network, the exploit aims to deceive users into engaging with some compromised smart contracts. The attackers could then drain investors’ crypto assets in the process. Additionally, the network has given a list of smart contracts for users to revoke in the case of an attempted exploit.
Users should visit the token approval page of each network’s blockchain explorer to revoke approvals.
According to Celer Network, smart contracts and the Celer protocol remain unaffected. Moreover, the root record for Celer DNS was never altered or compromised. The firm compared the exploit to what happened with Curve Finance. The exploit attacked third-party DNS providers and ISPs beyond the network’s control. Furthermore, the network has advised the blockchain and crypto community to turn on the “Secure DNS” option in their web browsers.
Nonetheless, the team quickly responded, and only a small number of users were affected. Moreover, the team has said that they would compensate the affected parties.
Lastly, the team stated that the frontend would resume shortly, albeit with “enhanced monitoring.”
Issue with cross-chain bridges in crypto
Cross-chain bridges are intended to address the difficulty of achieving interoperability across various blockchains. Bridges are desirable targets because they frequently have a central location for storing funds. In addition, there are also technical issues with effective bridge design.
Cross-chain bridges, like cBridge, are popular in the crypto community for convenience. Nonetheless, there have been worries about their potential security flaws. Additionally, earlier this year, Ethereum co-founder Vitalik Buterin called out cross-chain bridges via a Tweet. But Buterin did say that the future would be “multi-chain.”
A recent report by Chainalysis further shed light on the vulnerabilities of cross-chain bridges. According to the analytics firms, attacks on bridges account for 69% of the total crypto funds stolen in 2022.