Crypto investigator ZachXBT has warned users to steer clear of the Compound Finance website due to suspicions of it being compromised and redirecting visitors to a phishing site. The warning was made public on July 11 through a post on Telegram, in which ZachXBT alerted the community about the potential risks associated with visiting the website at this time.

According to ZachXBT, the Compound Finance site is currently redirecting to a phishing site that was recently registered, posing significant security threats to users. In light of this, he strongly advises against visiting the site to prevent any loss of personal data or funds.

In response, Michael Lewellen, a security advisor for the Compound Finance DAO, confirmed the breach and reiterated the warning to avoid interacting with the website. Lewellen emphasized that while the protocol itself and the smart contract funds remain secure, the URL has been hijacked and is hosting a phishing site. He urged users to refrain from using the compromised website to safeguard their assets and information.

This isn’t the first security challenge faced by Compound Finance. In 2023, the protocol’s official X account was compromised by hackers who then used it to promote a phishing site. Although the phishing attempt was quickly identified and flagged as a scam, it highlighted ongoing vulnerabilities within digital finance platforms.

As phishing attacks continue to surge within the crypto space, leading to significant losses, industry leaders like CertiK CEO Ronghui Gu have called for increased vigilance and stronger security measures, including multifactor authentication. Following a report on July 3, CertiK highlighted that the first half of 2024 saw losses amounting to $1.19 billion in crypto security incidents, with phishing attacks accounting for nearly $498 million of those losses.

SOURCE: Compound Finance site potentially breached — ZachXBT