Celer cBridge 2022 DNS hijacking
A DNS cache-poisoning attack redirected some cBridge frontend users toward malicious smart contracts capable of draining approved tokens. Celer took the frontend offline, advised approval revocation, and restored it with additional monitoring.
Incident facts
- Incident title
- Celer cBridge 2022 DNS hijacking
- Bridge
- Celer cBridge
- Incident date
- 2022-08-17
- Incident type
- Frontend Compromise
- Major incident
- Yes
- Affected chains
- Ethereum, Unknown
- Affected assets
- Unknown
- Attack category
- Frontend Or Dns Compromise
- Reported loss
- Approximately $240,000 reported
- Recovery
- None
- Reimbursement
- Announced
- Restart
- Reopened
- Current outcome
- Active After Incident
- Resolution
- Unresolved
- Last reviewed
- 2026-06-15
- Last verified
- 2026-06-15
Timeline events
Celer paused the cBridge frontend after DNS hijacking reports2022-08-17
Celer detected suspicious DNS activity, took the cBridge frontend offline, and advised users to revoke approvals associated with malicious contracts.
Celer committed to compensate affected users2022-08-18
Celer's incident updates said affected users would be fully compensated following the frontend DNS cache-poisoning attack.
cBridge frontend restored with additional monitoring2022-08-18
Celer restored the cBridge frontend after mitigation and said additional monitoring was in place.
Evidence records
- Celer reported potential DNS hijacking of the cBridge frontendCeler Network · Tier 1 · 2022-08-17
- Celer Network cBridge resumes operation after suffering DNS exploitCryptoSlate · Tier 2 · 2022-08-18
- Celer Network Suspects DNS Hijacking, Shuts Its cBridgeDailyCoin · Tier 2 · 2022-08-19
Known unknowns
- The exact number of affected users and final compensated total require later source review.