In another major security incident in the crypto space, decentralized crypto exchange Curve Finance found its DNS being hijacked.
The hackers managed to deploy a malicious contract on the home page, which when approved by the victim would completely drain the user wallets. As per Binance CEO Changpeng Zhao, the attackers stole more than 570K from user wallets. CZ further wrote:
They use GoDaddy for DNS, which is insecure. No web3 projects should use that. Very susceptible to social engineering.
Curve Finance took cognizance of the matter and said that the curve.fi nameserver has been compromised. It also said that the curve.exchange seems to be unaffected as it uses a different DNS provider.
Curve Finance Fixes and Reverts the Issue
In one of the other Twitter messages, Curve.finance noted that it has found the issue and reverted it. It asked users to revoke any contracts on an immediate basis. Curve Finance noted:
Trending Stories
The issue has been found and reverted. If you have approved any contracts on Curve in the past few hours, please revoke immediately. Please use curve.exchange for now until the propagation for curve.fi reverts to normal.
Curve Finance is one of the most important decentralized finance (DeFi) projects in the market. As per the DeFi Llama website tracker, the protocol has more than $6 billion in deposits. This is down from $24 billion in deposits since the beginning of the year. Security exploits have been on the rise over the last quarter and the crypto market crash.
Curve Finance has been regarded as an integral part of the DeFi ecosystem due to the token rewards emission of the CRV tokens. This also serves as a source of income for several other protocols in the DeFi ecosystem.
Over the last 24 hours, the Curve DAO Token (CRV) has tanked by more than 10% and is currently trading at $1.27 with a market cap of $660 million.