On November 22, 2024, Aerodrome, the largest decentralised exchange on Base with nearly $400 million in TVL, experienced a DNS hijacking redirecting users to a fraudulent site. Its twin protocol Velodrome on Optimism was hit simultaneously. This attack comes amidst preparations for their planned merger in 2026.
This attack is not the first time Dromos Labs has faced such an incident. In November 2023, both protocols had already been victims of a similar DNS hijacking, with losses estimated at around $100,000 according to blockchain investigator ZachXBT. The recurrence of this scenario raises legitimate questions about the robustness of their Base security infrastructure.
DNS hijacking typically exploits a vulnerability at the domain provider level rather than within the protocol itself. Aerodrome even mentioned that the compromise likely originated from its domain registrar, a weak link often overlooked in the Web3 security chain.
The impact on TVL was immediate but measured. Data from DefiLlama shows that Aerodrome recorded a drop of nearly 4% in its total value locked, falling below the $400 million mark. Nevertheless, the protocol maintains its dominant position on Base with $399.17 million in TVL, while Velodrome maintains approximately $49.74 million on Optimism.
The timing of this compromise raises questions. Dromos Labs has just announced the merger of Aerodrome and Velodrome into a unified platform called “Aero,” scheduled for Q2 2026. This consolidation will also involve the unification of existing tokens into a single AERO token.
The new platform is expected to be deployed on Ethereum mainnet and on Arc, Circle’s blockchain. This multi-chain strategy aims to create a more robust and interoperable exchange hub, capable of competing with DeFi giants like Uniswap or Curve.
Could the announcement have triggered the attack? Some industry observers suggest that attackers may be trying to destabilize investor confidence ahead of this major transition. Others argue that they are simply exploiting a known vulnerability that Dromos Labs has clearly failed to fix since 2023.
For users of these protocols, the priority remains vigilance. The incident serves as a reminder that even leading DEXs are not immune to vulnerabilities at the Web2 infrastructure level, a paradox for platforms that advocate for decentralization.
Related articles:
Passionate about cryptocurrencies since 2019, I cover the latest news through clear and accessible articles. My goal is to make crypto understandable for everyone, with reliable and well-researched content.
DISCLAIMER
This article is for informational purposes only and should not be considered as investment advice. Trading cryptocurrencies involves risks, and it is important not to invest more than you can afford to lose.
InvestX is not responsible for the quality of the products or services presented on this page and cannot be held liable, directly or indirectly, for any damage or loss caused by the use of any product or service featured in this article. Investments in crypto assets are inherently risky; readers should conduct their own research before taking any action and invest only within their financial means. This article does not constitute investment advice.
Risk Warning : Trading financial instruments and/or cryptocurrencies carries a high level of risk, including the possibility of losing all or part of your investment. It may not be suitable for all investors. Cryptocurrency prices are highly volatile and can be influenced by external factors such as financial, regulatory, or political events. Margin trading increases financial risks.
CFDs (Contracts for Difference) are complex instruments with a high risk of rapid capital loss due to leverage. Between 74% and 89% of retail investor accounts lose money when trading CFDs. You should assess whether you understand how CFDs work and whether you can afford to take the high risk of losing your money.
Before engaging in financial or cryptocurrency trading, you must be fully informed about the associated risks and fees, carefully evaluate your investment objectives, level of experience, and risk tolerance, and seek professional advice if needed. InvestX.fr and the InvestX application may provide general market commentary, which does not constitute investment advice and should not be interpreted as such. Please consult an independent financial advisor for any investment-related questions. InvestX.fr disclaims any liability for errors, misinvestments, inaccuracies, or omissions and does not guarantee the accuracy or completeness of the information, texts, graphics, links, or other materials provided.
Some of the partners featured on this site may not be regulated in your country. It is your responsibility to verify the compliance of these services with local regulations before using them.
