Avoid These Domains! Aerodrome Finance Warns Users After Front-End Breach
Aerodrome Finance, a leading decentralised exchange on the Base blockchain, recently warned about a possible breach involving its frontend and is currently investigating the situation. The team has urged users to avoid accessing the platform through any domain until they fully assess the situation. Centralized Domains Hit, Decentralized Mirrors Stay SafeThe Aerodrome team confirmed that its centralised domains, including the .finance and .box addresses, are still compromised. The team notes that two decentralised mirror sites are currently safe to access: Aero.drome.eth.limo and Aero.drome.eth.link. Update: centralized domains (.finance and .box) remain compromised. Please do not use either domain for now.Two decentralized mirrors remain safe to use:All smart contracts remain secure.We’ll provide further updates as the… Aerodrome says its smart contract infrastructure appears secure. More updates will be shared as the investigation continues. Velodrome Finance has also reported a similar issue, suggesting the possibility of a wider attack.Over $1M Drained in Under an HourOne user reported that an exploit affecting Aerodrome and Velodrome resulted in more than $1 million being stolen in less than an hour. Update on – – ⚠️ EXPLOITOver $1.000.000 stolen in under an hour…Please do not attempt to use any domains!Aerodrome will provide further updates as the investigation progresses on our telegram channel While another user notes that he visited the site before the warning was issued, and although the user did not approve any transactions, the attack was severe. A simple signature request was quickly followed by attempts to gain unlimited approvals to drain their NFTs, ETH, and USDC.Co-founder Slams Mocking Amid DNS AttackAlexander Cutler, the co-founder of Aerodrome and the CEO of Dromos Labs, called out another builder for mocking the project during the DNS hijacking incident. He notes that the decentralised domains were unaffected, 3DNS was protected by a multisig, and multiple top security teams are still trying to understand the issue, and it was not an issue from the team’s end. “The first rule of building in DeFi is that you don’t use exploits to dunk on other builders, especially for something like a DNS hijacking that is almost always out of a team’s control,” he said, calling the behaviour unprofessional. The first rule of building in DeFi is that you don’t use exploits to dunk on other builders — especially for something like a DNS hijacking that is almost always out of a teams control — this is absolutely unbecoming behavior from a founder. Hackers Get Faster, More AggressiveA new Global Ledger report shows how crypto hackers are getting faster than ever. More than $3 billion was stolen in early 2025, and in many cases, attackers laundered the money within minutes, sometimes even before anyone realised a hack had happened.Centralised exchanges remain a major point of pressure. About 15% of laundered funds passed through CEXs, and compliance teams often have only a few minutes to react. With CEXs responsible for over half of all losses this year, the report stresses that real-time monitoring is now essential.FAQsWhat happened to Aerodrome Finance’s frontend? Aerodrome Finance warned of a possible frontend breach and urged users to avoid all main domains while the team investigates the DNS-related issue. Is Aerodrome Finance safe to use now? Avoid the centralised domains. Only use the verified safe decentralised mirrors, Aero.drome.eth.limo and Aero.drome.eth.link, as the team investigates the front-end breach. How can I stay safe from similar crypto hacks? Always use verified, decentralised front-ends for DeFi platforms. Never approve unlimited transaction requests and use a hardware wallet for critical signatures.