Puffer Finance Resumes Operations After Smart Contract Pause Amid Domain And Social Media Compromise

Amir Forouzani, Co-Founding father of the liquid restaking protocol Puffer Finance, introduced that the challenge’s good contract had been briefly paused and was anticipated to be re-enabled quickly following a possible safety incident. 

In response to a press release printed earlier on the social media platform X, Amir Forouzani confirmed that the platform had encountered a domain-related problem and suggested customers to chorus from accessing Puffer Finance functions or interacting with any of its social media channels whereas the matter was beneath assessment.

Please keep away from accessing all of the Puffer apps and social media; we’re investigating the problem.@puffer_finance

— amiru.eth (@AmirOnchain) August 19, 2025

On the identical time, blockchain safety companies SlowMist and PeckShield confirmed that Puffer Finance’s official web site (puffer[.]fi) and its social media channels had been compromised. In the meantime, media stories indicated that attackers hijacked the challenge’s area and social media accounts between August tenth and August seventeenth.

SlowMist TI Alert

puffer[.]fi and @puffer_finance have been compromised.

Keep vigilant — don’t use Puffer’s apps or social media till additional discover. https://t.co/3GBFs6GN0u

— SlowMist (@SlowMist_Team) August 20, 2025

#PeckShieldAlert The official web site (puffer[.]fi) and social media channels for @puffer_finance have been compromised.
DO *NOT* work together with any Puffer functions and keep away from accessing official social media channels.https://t.co/8gkQhfbMN1

— PeckShieldAlert (@PeckShieldAlert) August 20, 2025

After a short interval, nonetheless, Amir Forouzani issued an replace informing customers that every one funds remained secure and the system has returned to regular. The X publish defined that the good contract had been paused purely as a precautionary step and can be reactivated shortly. 

Replace: All Methods Regular

Earlier as we speak, we skilled a short area problem. It was resolved promptly, and every little thing is now again to regular.

All consumer funds are secure. As a precaution, we briefly paused the good contract. We will likely be re-enabled shortly.

Thanks for…

— amiru.eth (@AmirOnchain) August 20, 2025

Regardless of regaining operational management, the precise particulars of how the breach occurred—whether or not by way of credential theft, administrative missteps, or a deliberate focused assault—weren’t disclosed. Whether or not the platform suffered any deeper penalties stays unsure. 

This incident has led to expectations that Puffer Finance will launch additional clarification and a extra complete report on the breach within the close to future. Customers and observers stay attentive to potential updates, though no warning stories have surfaced thus far, suggesting that customers possible didn’t encounter direct points.

DNS Hijacking Incidents Goal DeFi Platforms, Highlighting Safety Dangers

The Area Identify System (DNS) is a vital factor of the web that features in the same method to a cellphone listing. It interprets easy and recognizable domains, similar to fb.com, into numerical IP addresses, like 192.168.1.1, that are required for units to determine connections. This conversion course of permits customers to entry web sites utilizing easy-to-remember names somewhat than counting on advanced sequences of numbers. When a consumer enters an internet deal with into their browser, the machine contacts a DNS server to acquire the related IP deal with, thereby guaranteeing connection to the supposed web site.

Within the case of DNS hijacking, this course of is disrupted by malicious actors as they alter the way in which DNS queries are resolved, which causes customers to be redirected to fraudulent web sites with out being conscious of the redirection. Attackers could obtain this by exploiting weaknesses in DNS servers, compromising routers, or accessing accounts held with area registrars. The first aim is to govern DNS data in order that people trying to entry a professional web site are unknowingly redirected to an imitation platform designed to execute dangerous code, similar to wallet-draining scripts.

As soon as an internet site is compromised by way of DNS hijacking, visitors may be rerouted to a malicious platform with out the data of the consumer which permits fraudulent websites to seem real whereas capturing delicate information or belongings.

Area hijacking continues to pose a substantial risk within the cryptocurrency sector and several other decentralized finance (DeFi) platforms, significantly these utilizing .fi domains, have been focused in front-end assaults of this nature. 

On Could twelfth, 2025, Curve Finance skilled such an incident when its .fi area was hijacked on the registrar degree. Consequently, customers have been redirected to a phishing website designed to empty wallets. Whereas the back-end good contracts remained unaffected, the front-end interface was compromised. In response, Curve Finance directed customers to curve.finance, initiated a takedown request for the malicious area, and strengthened registrar-level protections whereas additionally investigating decentralized internet hosting options similar to ENS or IPFS.

One other case occurred on September 24, 2024, when Ether.fi was the goal of an tried area account takeover through its registrar, Gandi.net. This try was unsuccessful, as preemptive measures together with hardware-authenticated restoration techniques and collaboration with safety specialists ensured that the breach was contained with out monetary impression.

The publish Puffer Finance Resumes Operations After Smart Contract Pause Amid Domain And Social Media Compromise appeared first on Metaverse Post.