Aerodrome domain hijacked! DNS server spoofed, official urgent phishing alert issued

Base ecosystem decentralized exchange (DEX) Aerodrome issued an emergency announcement on November 22, stating that it is investigating a potential DNS hijacking incident and urging users to immediately stop using its main domain to prevent security risks. If DNS servers are hijacked, users may be redirected to malicious servers—a type of incident that is not unprecedented in the DeFi space and has previously resulted in the loss of millions of dollars in assets.

How DNS Hijacking Turns Official Domains into Phishing Traps

Aerodrome domain hijacked

DNS servers are the “phone books” of the internet, responsible for translating human-readable domains (such as aerodrome.finance) into machine-recognizable IP addresses. When users enter a domain in their browser, the DNS server tells the browser the actual server location associated with that domain. DNS hijacking occurs when attackers manipulate this lookup process, redirecting users to hacker-controlled malicious servers.

The typical attack process is as follows: Hackers first compromise the account at the domain registrar or breach the upstream DNS service provider’s system. Once they gain control, hackers can modify DNS records, replacing the IP address pointing to the official Aerodrome server with one that leads to a malicious server under their control. When users visit aerodrome.finance, their browsers are redirected to this counterfeit website.

These fake websites usually mimic the appearance and functionality of the original almost perfectly, so users rarely notice anything unusual. When a user tries to connect a wallet or execute a trade, the malicious site displays what looks like a normal authorization request. Once the user signs it, the hacker gains control of the wallet and can steal all assets within. This attack method is extremely cunning because, from the user’s perspective, they really are visiting the “correct domain”; only the address that the DNS lookup returns has been swapped.

The Five Stages of a DNS Hijacking Attack

Stage 1: Hacker compromises the domain registrar account or DNS service provider

Stage 2: Modifies DNS records, redirecting the official domain to a malicious IP

Stage 3: Sets up a perfectly cloned phishing website

Stage 4: Users visiting the “official domain” are actually directed to the phishing site

Stage 5: Users sign malicious authorizations and funds are stolen
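Stages 1 and 2 leave a trace in public DNS before any user is phished: the NS delegation for the zone or the A records it serves change. The script below is an added example for this article, not code published by Aerodrome or the article's author; it compares a known-good baseline against answers observed from several recursive resolvers and flags those two early indicators. The domain, nameserver names and IP addresses are constructed placeholders (RFC 5737 documentation ranges); a real monitor would fill the observed values from scheduled lookups against public resolvers.

```python
"""Detect registrar- or provider-level DNS drift for a DeFi frontend domain.

Added example (not from the article or the Aerodrome project). Stdlib only:
the observed answers are constructed below; a real monitor would fill them
from periodic lookups against several public recursive resolvers.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class DnsBaseline:
    """Known-good state captured while the domain is under the team's control."""
    domain: str
    nameservers: frozenset  # NS names delegated at the registrar
    addresses: frozenset    # every A record the frontend may legitimately resolve to


def check_dns_drift(baseline, observed_ns, observed_a_by_resolver):
    """Return a list of alert strings; an empty list means no drift was seen.

    observed_ns:            NS names currently published for the zone
    observed_a_by_resolver: {resolver_label: set of A records that resolver returned}
    """
    alerts = []

    # Stage 1/2 indicator: a delegation change can only come from the registrar
    # account or the upstream DNS provider, so any difference is worth paging on.
    added = set(observed_ns) - baseline.nameservers
    removed = baseline.nameservers - set(observed_ns)
    if added or removed:
        alerts.append(
            f"{baseline.domain}: NS delegation changed, "
            f"added={sorted(added)} removed={sorted(removed)}"
        )

    # Stage 2 indicator: a resolver hands out an address outside the allow-list.
    # Resolvers legitimately disagree under round-robin or GeoDNS, so only
    # addresses absent from the baseline are treated as rogue.
    for resolver, answers in sorted(observed_a_by_resolver.items()):
        answers = set(answers)
        if not answers:
            alerts.append(f"{baseline.domain}: {resolver} returned no A records")
            continue
        rogue = answers - baseline.addresses
        if rogue:
            alerts.append(
                f"{baseline.domain}: {resolver} returned unexpected A records {sorted(rogue)}"
            )
    return alerts


# Constructed sample data (documentation ranges and example names, not real records).
BASELINE = DnsBaseline(
    domain="frontend.example",
    nameservers=frozenset({"ns1.provider.example.", "ns2.provider.example."}),
    addresses=frozenset({"203.0.113.10", "203.0.113.11"}),
)
HEALTHY_NS = {"ns1.provider.example.", "ns2.provider.example."}
HEALTHY_A = {"resolver-a": {"203.0.113.10"}, "resolver-b": {"203.0.113.11"}}

# Hijack scenario: delegation moved to attacker-chosen nameservers, one resolver
# already serves an address outside the allow-list, the other still has a cached answer.
HIJACKED_NS = {"ns1.rogue.example.", "ns2.rogue.example."}
HIJACKED_A = {"resolver-a": {"198.51.100.7"}, "resolver-b": {"203.0.113.10"}}


if __name__ == "__main__":
    for label, ns, a in (("healthy", HEALTHY_NS, HEALTHY_A), ("hijacked", HIJACKED_NS, HIJACKED_A)):
        print(label, check_dns_drift(BASELINE, ns, a) or ["no drift"])
```

This watches only what public DNS says, so it catches the registrar and provider changes of stages 1 and 2 and complements registrar lock, DNSSEC and registrar audit logs; it cannot see a hijack that happens inside one user's ISP or local resolver.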

As the core liquidity and trading hub on the Base chain, Aerodrome has rapidly risen since its launch, amassing a large user base and TVL (Total Value Locked). This scale makes it a high-value target for hackers. The more funds are locked on the platform, the greater the potential gains from a DNS hijacking attack, as each scammed user could lose thousands or even millions of dollars.

Historical Lessons of DNS Attacks in DeFi

This suspected DNS hijack may involve hackers manipulating the domain system to redirect to a malicious server—a type of incident that’s not new in DeFi and has previously led to the loss of millions in assets. The most well-known case is the 2022 DNS hijacking attack on Curve Finance, where hackers gained control of Curve’s domain and successfully stole millions of dollars in user funds. Subsequent investigation showed that hackers had breached the DNS provider iwantmyname used by Curve.

In 2020, decentralized exchange Uniswap’s official website also suffered a similar attack. Hackers used phishing emails to obtain domain management credentials from team members and modified DNS records, causing users to be redirected to a malicious site. Although the Uniswap team quickly detected and fixed the issue, some users still suffered losses. These historical cases show that even highly skilled technical teams may have security lapses regarding domain protection.

The dilemma DeFi protocols face is that while smart contracts themselves run on decentralized blockchains, users’ access to these protocols is still dependent on traditional, centralized domain systems. This “decentralized backend + centralized frontend” structure makes the domain the most vulnerable link in the system. As long as the domain is hijacked, even if the smart contract itself is completely secure, users can still suffer losses by visiting fake sites.

Some DeFi protocols have begun to adopt additional security measures, such as deploying frontends on IPFS (a decentralized storage system) and offering ENS (Ethereum Name Service) domains as backup access options. These decentralized alternatives may not be as user-friendly as traditional domains but can effectively prevent DNS hijacking risks. After this incident, Aerodrome may also need to consider implementing similar backup mechanisms.

How Users Can Protect Assets During DNS Attacks

So far, the Aerodrome team has not disclosed further details, including the scope of the attack, potential losses, or recovery timeline, but has stressed that users should avoid accessing the official main domain aerodrome.finance. The investigation is ongoing, so please refrain from attempting to use any Aerodrome-related domains for now. This cautious approach is necessary, as any access could be risky until DNS records are fully restored and verified.

For users who already hold positions on Aerodrome, this incident does not mean their funds are immediately at risk. The key point is that the assets sit in smart contracts on the Base chain, not on Aerodrome’s servers. As long as a user does not visit the fake site and sign a malicious authorization while the DNS is hijacked, their existing assets are safe: DNS hijacking cannot touch the smart contract itself, and funds are only exposed when a user actively authorizes a malicious contract to access their wallet.

However, users still need to remain highly vigilant. Until Aerodrome officially announces that the DNS issue is fully resolved, the following precautions should be taken. First, absolutely do not click any links claiming to be from Aerodrome, including those in social media, Telegram groups, or emails. During DNS hijacking incidents, scammers often seize the opportunity to send phishing links claiming to offer “emergency withdrawals” or “asset protection” services.

Second, if you must manage your position on Aerodrome, consider interacting directly with the smart contract via a blockchain explorer. Advanced users can find Aerodrome’s smart contract address on Etherscan (Base version) and use the Write Contract feature to interact directly. This route bypasses the frontend website entirely, removing the hijacked domain from the path, but it does require a certain level of technical knowledge.

Third, check if you’ve granted approvals to any suspicious contracts. If you accidentally visited a fake site and signed an approval during the DNS hijack, immediately use tools like Revoke.cash to revoke all approvals related to Aerodrome addresses. Although revoking approvals requires paying gas fees, it’s far better than losing all your assets.

Four Key Steps for User Self-Protection

Immediately stop: Do not visit any Aerodrome domain until the official announcement of safety

Check approvals: Use Revoke.cash to check and revoke suspicious contract approvals

Beware of phishing: Do not click any links claiming to be from Aerodrome on social media

Official confirmation: Only trust announcements from Aerodrome’s official, verified X (Twitter) account
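The third precaution above and the "Check approvals" step both come down to one question: what did the signed transaction actually grant, and how is it undone? The following Python is an added example, not code from the article, Aerodrome or Revoke.cash. It decodes the two standard approval calls a phishing frontend is most likely to request, applies a simple defender's rule of thumb to the result, and builds the calldata that sets the grant back to zero, which is what a revoke tool submits on-chain. The function selectors are the standard Solidity ones; the sample calldata and spender address are constructed placeholders.

```python
"""Inspect a wallet approval request before signing, and build the matching revoke.

Added example (not code from the article, Aerodrome or Revoke.cash). Sample
calldata and the spender address below are constructed placeholders.
"""

UNLIMITED = 2**256 - 1

# Standard 4-byte Solidity selectors (first 4 bytes of keccak256 of the signature).
SELECTORS = {
    "095ea7b3": "approve(address,uint256)",         # ERC-20 allowance
    "a22cb465": "setApprovalForAll(address,bool)",  # ERC-721 / ERC-1155 operator approval
}


def _word(data: bytes, index: int) -> bytes:
    """Return the index-th 32-byte ABI word after the selector."""
    start = 4 + 32 * index
    chunk = data[start:start + 32]
    if len(chunk) != 32:
        raise ValueError("calldata too short for the expected arguments")
    return chunk


def _address(word: bytes) -> str:
    """ABI-encoded addresses are left-padded with 12 zero bytes."""
    if word[:12] != bytes(12):
        raise ValueError("address word has non-zero padding")
    return "0x" + word[12:].hex()


def decode_approval(calldata_hex: str) -> dict:
    """Describe what an approval transaction would grant; non-approvals return is_approval=False."""
    data = bytes.fromhex(calldata_hex.removeprefix("0x"))
    if len(data) < 4:
        raise ValueError("calldata has no selector")
    signature = SELECTORS.get(data[:4].hex())
    if signature is None:
        return {"function": None, "is_approval": False}
    spender = _address(_word(data, 0))
    if signature.startswith("approve("):
        amount = int.from_bytes(_word(data, 1), "big")
        return {"function": signature, "is_approval": True, "spender": spender,
                "amount": amount, "unlimited": amount == UNLIMITED}
    # setApprovalForAll(operator, true) hands over every token of the collection.
    flag = int.from_bytes(_word(data, 1), "big") == 1
    return {"function": signature, "is_approval": flag, "spender": spender,
            "amount": None, "unlimited": flag}


def assess_request(decoded: dict, trusted_spenders) -> str:
    """Rule of thumb: an unlimited grant to an address you did not verify is the
    signature a hijacked-domain phishing page is after."""
    if not decoded["is_approval"]:
        return "not an approval"
    known = decoded["spender"].lower() in {s.lower() for s in trusted_spenders}
    if not known:
        return "REJECT: approval to an unverified spender"
    if decoded["unlimited"]:
        return "CAUTION: unlimited approval to a verified spender"
    return "OK: bounded approval to a verified spender"


def build_revoke_calldata(signature: str, spender: str) -> str:
    """Calldata that revokes the grant: approve(spender, 0) or setApprovalForAll(operator, false)."""
    selector = {v: k for k, v in SELECTORS.items()}[signature]
    spender_word = bytes.fromhex(spender.removeprefix("0x")).rjust(32, b"\x00")
    zero_word = bytes(32)  # amount 0 for ERC-20, false for setApprovalForAll
    return "0x" + selector + spender_word.hex() + zero_word.hex()


# Constructed sample: unlimited ERC-20 approval to a placeholder spender.
SAMPLE_SPENDER = "0x" + "11" * 20
SAMPLE_APPROVE = "0x095ea7b3" + "00" * 12 + "11" * 20 + "ff" * 32

if __name__ == "__main__":
    decoded = decode_approval(SAMPLE_APPROVE)
    print(decoded)
    print(assess_request(decoded, trusted_spenders=[]))
    print(build_revoke_calldata(decoded["function"], decoded["spender"]))
```

The decoder reads the calldata a wallet shows in its "hex data" view before signing; the revoke builder produces the same transaction a tool like Revoke.cash submits, which is why revoking still costs gas, as the article notes.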

DNS Security: The Achilles’ Heel of DeFi Protocols

This Aerodrome DNS hijacking scare once again highlights the contradictions in DeFi protocols’ security architecture. Smart contracts run on decentralized blockchains and should, in theory, be immune to single points of failure, but user access to these contracts’ frontends still relies on centralized domain systems. DNS servers are the core of this system, and once compromised, the entire access chain collapses.

On a broader level, DeFi protocols need to rethink their security architecture. Possible solutions include: deploying frontends on IPFS and accessing them via ENS domains to fully decentralize frontend infrastructure; implementing multiple DNS providers for redundancy to reduce single points of failure; adopting certificate pinning and subresource integrity (SRI) checks on websites to prevent content tampering; and educating users on how to interact directly with contracts via blockchain explorers.
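Of the measures listed above, subresource integrity is the one a frontend team can ship in an afternoon, so here is what it looks like in practice. This Python is an added example, not code from the article or any named protocol; it generates the `integrity` value a build step writes into the HTML and applies the browser's own matching rule to a fetched body. The script body is a constructed placeholder.

```python
"""Generate and verify Subresource Integrity (SRI) values for frontend assets.

Added example, not code from the article or any named project. SRI is a browser
standard: the integrity attribute carries "<algorithm>-<base64 digest>" and the
browser refuses to run a fetched script or stylesheet whose digest does not match.
"""
import base64
import hashlib

# Browsers accept these three; when several are listed they honour only the
# strongest algorithm present and pass if any digest of that algorithm matches.
STRENGTH = {"sha256": 1, "sha384": 2, "sha512": 3}


def sri_hash(content: bytes, algorithm: str = "sha384") -> str:
    """Integrity token for one asset body, e.g. 'sha384-<base64>'."""
    if algorithm not in STRENGTH:
        raise ValueError(f"unsupported SRI algorithm: {algorithm}")
    digest = hashlib.new(algorithm, content).digest()
    return f"{algorithm}-{base64.b64encode(digest).decode('ascii')}"


def verify_sri(content: bytes, integrity: str) -> bool:
    """Apply the browser's matching rule to a fetched body."""
    by_algorithm = {}
    for token in integrity.split():
        algorithm, _, expected = token.partition("-")
        if algorithm in STRENGTH:
            by_algorithm.setdefault(algorithm, set()).add(expected)
    if not by_algorithm:
        return False  # no usable token: treat as failed, the safe default for a build check
    strongest = max(by_algorithm, key=STRENGTH.__getitem__)
    actual = sri_hash(content, strongest).partition("-")[2]
    return actual in by_algorithm[strongest]


def script_tag(src: str, content: bytes) -> str:
    """Tag a build step writes into the HTML; crossorigin is required for cross-origin assets."""
    return f'<script src="{src}" integrity="{sri_hash(content)}" crossorigin="anonymous"></script>'


# Constructed sample asset and a modified copy of it.
ASSET = b"window.app = { version: '1.0.0' };\n"
TAMPERED = b"window.app = { version: '1.0.0' }; // modified\n"

if __name__ == "__main__":
    print(script_tag("/static/app.js", ASSET))
    print("original verifies:", verify_sri(ASSET, sri_hash(ASSET)))
    print("tampered verifies:", verify_sri(TAMPERED, sri_hash(ASSET)))
```

Worth stating plainly when planning this: SRI binds the subresources a page loads, so it defends against a compromised CDN or a tampered script host. If the main domain itself is hijacked, the attacker serves their own HTML and simply omits the attribute, so SRI complements rather than replaces domain-level controls such as registrar lock, DNSSEC, redundant providers and a decentralised mirror. Browser-side certificate pinning (HPKP) has likewise been removed from major browsers, so pinning today belongs in native and mobile clients rather than in web pages.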

Because Aerodrome is the core liquidity hub of the Base chain, the impact of this incident may ripple throughout the entire Base ecosystem. If users lose trust in the security of DeFi protocols on Base, it could lead to TVL outflows and decreased ecosystem activity. This also reminds all DeFi protocols that domain security should not be treated as a secondary issue but must be an integral part of core security strategies.

The official response so far is correct—sacrificing short-term user experience is worthwhile for ensuring user fund safety until the issue is fully resolved. This responsible attitude is commendable. Going forward, the community will closely watch how Aerodrome handles the crisis, including whether affected users will be compensated, how domain security measures will be strengthened, and whether decentralized frontend solutions will be adopted as long-term fixes.
