DeFi lending platform Compound Finance hijacked again

DeFi users reported suspicious functionality on the website of lending platform Compound Finance on Sunday.

The incident is the latest in a string of website hijackings that have affected Maple Finance, OpenEden and Curvance.

It’s the second time attackers have compromised Compound’s front end in less than two years.

@Compound_xyz what is going on with your https://t.co/0q8W7MjB3V domain? If I click on the app button it takes me to https://t.co/LAMh7lHo3i which completely has different UI and looks very fishy. What’s going on
— Martyn (@MartynMMR) March 8, 2026

Compound’s security provider later published an update on the project’s governance forum, reassuring users that the incident had been rectified and “all other credentials on the affected infrastructure account have been rotated.”

The post explains that the project’s website redirected users to “a phishing site hosted on a lookalike domain (‘compOOnd’),” but “no user loss of funds [was] identified.”

Compounding errors

Previously, the Compound front end was hacked in July 2024, along with other Squarespace-based DeFi domains.

There are worries that such attacks may become more common as AI tools lower the bar for would-be phishing scammers.

ALERT: The https://t.co/vSAGYl6wwJ URL has been compromised and is currently hosting a phishing site. DO NOT interact with the https://t.co/vSAGYl6wwJ website until further notice.

The Compound protocol itself is not impacted and all smart contract funds are safe.
— Michael Lewellen (@LewellenMichael) July 11, 2024

Luckily, any users of Compound were better protected yesterday.

According to the forum post, the app.compound.finance subdomain, on which users connect wallets and make transactions, “is served via IPFS, allowing [security providers] to independently verify its integrity.”

Sunday’s incident is the latest in a string of blunders for what was once one of DeFi’s top protocols.

Last year, the Compound DAO came under scrutiny over conflict-of-interest concerns related to service provider Gauntlet.

In 2022, an operational error bricked the cETH market (worth over $800 million at the time) for a week while a fix was implemented. The previous year, almost $150 million of excess rewards were distributed, also by mistake.

Got a tip? Send us an email securely via Protos Leaks. For more informed news and investigations, follow us on X, Bluesky, and Google News, or subscribe to our YouTube channel.

The post DeFi lending platform Compound Finance hijacked again appeared first on Protos.