Two decentralized financial projects have been reported under the DNS Spoofing Attack. There are two projects, PancakeSwap and Cream Finance, distributed through Binance Smart Chain, and are phishing users to enter their private key on the site, according to reports coming in Monday morning US time.

Kareem funding is not available at the time of writing, but PancakeSwap still loads properly and shows phishing attempt. When you try to contact MetaMask, the page loads a fake window that asks the user to enter their private key. This also happens in browsers like Safari where MetaMask is not available. There are hardly any occasions when a user needs to enter their phrase in a browser application, especially when communicating with DeFi.

Cream Finance and Pancake Swap confirmed that the issue was a DNS spoofing attack. Domain Name Service links the domain name to the Internet’s IP address. It appears that the registry of these two services has been compromised to indicate a server controlled by the attacker. According to the ICANN records, the DNS record for both sites was updated on Monday, shortly before reports of malicious activity appeared.

Both sites appear to be registered with GoDaddy. One possible explanation is that provider command accounts have been hijacked so that an attacker can officially change the DNS path point for the domains.

As of 19:00 UTC, the Cream Finance team states that the site is fully functional and secure. PancakeSwap also appears to have regained control of the site. The changes may not be immediately visible to users who visit the corrupted domain and require browser caching.

Source: CoinTelegraph