Celer Network Suspects DNS Hijacking, Shuts Its cBridge

Celer team says DNS poisoning can happen to any DeFi app frontend.

Celer Network Suspects DNS Hijacking, Shuts Its cBridge

Celer Network, a blockchain interoperability protocol enabling a one-click user experience to access tokens, DeFi, GameFi, NFTs, governance, and more across multiple chains, recently suspected the DNS hijacking of its cBridge frontend.

Warning the customers against using the cBridge, Celer tweeted, “We are investigating at the moment and please do not use the frontend for bridging at the moment.”

Claiming to have built “the best inter-blockchain and cross-layer communication platform,” Celer said that “we are seeing reports that reflect potential DNS hijacking of cBridge frontend. We are investigating at the moment and please do not use the frontend for bridging at the moment.”


Naming Polygon, Avalanche, Arbitrum, Astar, Aurora, Ethereum, BSC, Fanatom, and Optimism, Celer said that “if you recently used cBridge, please make sure to check and revoke any token approval.”

Reminders and Suggestions Issued by Celer

The company said that “these contracts are related to a potential UI hijack to redirect users to interact with the above addresses and drain token balances. The cBridge frontend UI is currently offline to be safe and we are doing further investigation.”


Celer also issued a reminder which said, “DNS poisoning can happen to any DeFi app frontend regardless of the protocol’s own security and we strongly suggest the entire blockchain community to turn on Secure DNS option in your web browser to reduce such possibility to get affected.”

The company suggested that “due to low adoption of DNSSEC, we additionally suggest when you are interacting with any DeFi frontend, always verify the contract addresses.”

Celer Team’s Response to the Situation

Talking about the team’s efforts to resolve the situation, Celer said, “During this incident, the team responded quickly and fortunately only a small portion of users are affected. We will fully compensate users affected during the session of the incident but we ask users first to please first revoke approval to above contracts.”

“The frontend will be resumed shortly with enhanced monitoring. Again, please check & revoke any potential approvals and cross-check contract addresses when using cBridge and any other DeFi apps,” said Celer.

On the Flipside

  • Many users are contemplating revoking all transactions to keep their wallets safe. 

Why You Should Care

Due to the potential UI hijack the company is actively asking some users to revoke their transactions as they are being redirected to malicious smart contracts that can drain all approved token amounts. 

This article is for information purposes only and should not be considered trading or investment advice. Nothing herein shall be construed as financial, legal, or tax advice. Trading forex, cryptocurrencies, and CFDs pose a considerable risk of loss.

Akriti Seth

Akriti is a Zurich-based reporter, focused on the political, regulatory, and legislative developments around crypto. She is a business journalist with over six years of experience working as a correspondent for organizations like Channel NewsAsia and Bloomberg TV India. In that time, Akriti has covered news in the finance, pharma, and state sectors.