Decentralized crypto exchange Curve Finance discovered its DNS was being hijacked in another significant security breach in the cryptocurrency world.
On the main page, the hackers were able to insert a fraudulent contract that, if accepted by the victim, would entirely empty the user’s wallets. The attackers took more than 570K from user wallets on Curve Finance, according to Changpeng Zhao, CEO of Binance. Moreover, CZ wrote:
They use GoDaddy for DNS, which is insecure. No web3 projects should use that. Very susceptible to social engineering.
After becoming aware of the situation, the platform declared the curve.fi nameserver had been hacked. The curve.exchange, which uses a different DNS provider, seems to be unaffected, according to the statement.
The Problem is Fixed and Reversed via Curve Finance
The platform also said that it has discovered the problem and fixed it in another tweet. It urged people to cancel any commitments right now.
One of the most significant initiatives in the market for decentralized finance (DeFi) is Curve Finance. The protocol has more than $6 billion in deposits, according to the DeFi Llama website tracker. Since the year’s commencement, deposits totaled $24 billion, which represents a decrease. Due to the recent downturn in the cryptocurrency market, security attacks have increased.
Due to the token rewards issuance of the CRV tokens, it has been seen as a crucial component of the DeFi ecosystem. The DeFi ecosystem’s other protocols may make money off of this as well.
The Curve DAO Token (CRV) has lost more than 10% of its value over the last day and is now at $1.27 with a $660 million market cap.
