Decentralized Finance Protocol Curve Finance Issues Warning
On Tuesday, Curve Finance, a decentralized finance protocol, early warned on social media that its Domain Name System (DNS) may have been hijacked, advising users to refrain from using the platform temporarily.
In response to user inquiries about whether the incident was a hacking attack or a DNS hijacking, the Curve team stated that the website currently “points to the wrong IP address,” and they indicated in subsequent updates on the incident’s progress:
Source: Curve
Several cybersecurity firms have detected unusual activity on the Curve website, advising users not to interact with it. Blockaid described this as a “potential front-end attack on Curve,” where hackers target parts of the website that users interact with, such as buttons, forms, or text content, to steal sensitive information. Blockaid warned:
Curve Finance experienced a similar front-end attack in August 2022. According to post-incident analysis reports, it is widely believed that the attackers successfully replicated the Curve Finance website and redirected the DNS server to a fraudulent webpage. If users interacted with that fake webpage, their funds would be transferred to a wallet controlled by the hackers.
Related report: “Over 120 Crypto Platforms’ Front Ends Potentially Vulnerable to DNS Attacks, Experts Urge Users to Pause Interaction with Protocols”