Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
Aerodrome, a DEX built on Base, posted on X that the centralized domains of Velodrome and Aerodrome were hijacked on November 21 due to an internal security vulnerability at NameSilo, resulting in redirection to malicious content. With the rapid response from security partners including Blockaid, Groom Lake, Security Alliance, and FTI Consulting, MetaMask and Coinbase Wallet displayed warnings within two minutes, and the issue was fully mitigated within four hours. The incident resulted in approximately $700,000 in losses. Attack method (per SlowMist): Domain Hijacking. Reported loss: $ 700,000.
- chain
- base
- protocol
- Aerodrome
- bug_class
- infrastructure
- date_occurred
- 2025-11-21
- loss_usd
- $700,000
- source_id
- sm:aerodrome::2025-11-21