Root-cause analysis not yet published. The incident description below contains all currently available signal — review the attack transaction directly for definitive forensics.
The DeFi protocol Neutrl announced on platform X that its frontend appears to have been compromised and that the team is conducting an urgent investigation. Out of an abundance of caution, the official advisory recommends that users refrain from interacting with the website until further updates are released. Additionally, Neutrl urged users to immediately revoke Permit2 approvals for relevant addresses via Revoke.cash. Users were also reminded to check and revoke approvals granted to other suspicious addresses to mitigate potential asset risks.Subsequently, Neutrl's preliminary investigation revealed that the DNS provider hosting the application's domain was subjected to a social engineering attack, resulting in the redirection of the domain by the attackers. Attack method (per SlowMist): DNS Hijacking. Reported loss: -.
- chain
- —
- protocol
- Neutrl
- bug_class
- infrastructure
- date_occurred
- 2026-03-19
- loss_usd
- —
- source_id
- sm:neutrl::2026-03-19