Curve Finance warns its DNS has been hijacked again
Decentralized finance (DeFi) protocol Curve Finance has warned that a hacker has again hijacked its domain name system (DNS), sending users to a malicious website.
In the second attack on its infrastructure in a week, the “curve.fi DNS might be hijacked. Don’t interact!” the team said in a May 12 warning to X.
In a follow-up post to a user asking whether it was a hack or a hijack, the Curve Team said the website “Points to the wrong IP” when users try to visit. A DNS works like a directory that translates domain names into IP addresses.
The team also said in another update that the “Password is secure,” its two-factor authentication was set up a “long time ago,” and a question has been sent to the “registrar now.”
”While all smart contracts are safe, the domain name points to a malicious site which can drain your wallet! We are investigating and working on recovering the access. No sign of a compromise on our side,” Curve said.
Curve Finance was hit with a similar front end attack in August 2022. In a post-mortem, the consensus was that the attackers managed to clone the Curve Finance website and reroute the DNS server to the fake page.
Users who attempted to use the platform had their funds drained into a pool operated by the attackers.
Cointelegraph has contacted Curve Finance for comment.
Curve Finance potential front-end attack
Onchain security firm Blockaid also detected unusual activity from the Curve website recently, warning users to stay away and avoid interacting for now.
It could be a case of a “potential frontend attack,” according to the security firm, which is when hackers target the part of the website users interact with, such as the buttons, forms, or text on the site, to steal sensitive data.
“If you’re connected, please refrain from signing transactions and avoid interactions with the DApp until the issue is resolved. We’re working closely with affected partners. More updates soon,” Blockaid said.
Related: Crypto hackers hit DeFi for $92M in April as attacks double from March
Second attack in a week
This is the second time Curve Finance has been targeted in the last week. On May 5, a hacker took over its official X handle.
“To clarify: the incident was limited strictly to the X account. No other Curve accounts were affected. No security issues were found on our side, no user funds were impacted, and there were no victims of phishing links that the hacker posted,” the team said in a follow-up May 6 post.
Access to the Curve Finance X account was restored quickly, and the cause is still under investigation.
A slew of other high-profile X accounts have also been taken over by bad actors this year. On May 2, the Tron DAO account was hijacked; meanwhile, on April 15, a member of the UK’s Parliament, Lucy Powell, had her account taken over to promote a scam crypto token called the House of Commons Coin (HOC).
Magazine: Financial nihilism in crypto is over — It’s time to dream big again
Bitcoin (BTC) $ 101,828.00
Ethereum (ETH) $ 2,301.97
Tether (USDT) $ 1.00
XRP (XRP) $ 2.05
BNB (BNB) $ 626.42
Solana (SOL) $ 134.36
USDC (USDC) $ 0.999809
TRON (TRX) $ 0.272318
Dogecoin (DOGE) $ 0.153684
Lido Staked Ether (STETH) $ 2,300.67
Cardano (ADA) $ 0.555560
Wrapped Bitcoin (WBTC) $ 101,784.00
Hyperliquid (HYPE) $ 32.89
Wrapped stETH (WSTETH) $ 2,774.11
Bitcoin Cash (BCH) $ 466.90
Sui (SUI) $ 2.55
LEO Token (LEO) $ 8.96
Chainlink (LINK) $ 11.92
Stellar (XLM) $ 0.235097
USDS (USDS) $ 0.999747
Avalanche (AVAX) $ 16.67
WhiteBIT Coin (WBT) $ 48.61
Toncoin (TON) $ 2.84
Shiba Inu (SHIB) $ 0.000011
Binance Bridged USDT (BNB Smart Chain) (BSC-USD) $ 0.998132
Litecoin (LTC) $ 79.94
WETH (WETH) $ 2,303.19
Wrapped eETH (WEETH) $ 2,464.65
Hedera (HBAR) $ 0.136575
Monero (XMR) $ 309.96
Ethena USDe (USDE) $ 1.00
Polkadot (DOT) $ 3.29
Bitget Token (BGB) $ 4.22
Coinbase Wrapped BTC (CBBTC) $ 101,897.00
Uniswap (UNI) $ 6.78
Pi Network (PI) $ 0.517693
Pepe (PEPE) $ 0.000009
Dai (DAI) $ 0.999652
Aave (AAVE) $ 234.32
Ethena Staked USDe (SUSDE) $ 1.18
OKB (OKB) $ 50.60
BlackRock USD Institutional Digital Liquidity Fund (BUIDL) $ 1.00
Bittensor (TAO) $ 308.72
Aptos (APT) $ 4.13
Cronos (CRO) $ 0.083916
sUSDS (SUSDS) $ 1.06
Internet Computer (ICP) $ 4.70
Jito Staked SOL (JITOSOL) $ 162.74
NEAR Protocol (NEAR) $ 1.95
Ethereum Classic (ETC) $ 15.48
Tokenize Xchange (TKX) $ 27.97
USD1 (USD1) $ 0.996348
Ondo (ONDO) $ 0.686793
Mantle (MNT) $ 0.608596
Gate (GT) $ 16.58
Fasttoken (FTN) $ 4.44
Official Trump (TRUMP) $ 8.87
Kaspa (KAS) $ 0.064964
Cosmos Hub (ATOM) $ 3.76
VeChain (VET) $ 0.019823
Lombard Staked BTC (LBTC) $ 101,649.00
Artificial Superintelligence Alliance (FET) $ 0.603370
Sky (SKY) $ 0.073700
POL (ex-MATIC) (POL) $ 0.172380
Ethena (ENA) $ 0.247639
Render (RENDER) $ 2.89
First Digital USD (FDUSD) $ 0.997006
Filecoin (FIL) $ 2.18
USDtb (USDTB) $ 0.999883
Jupiter Perpetuals Liquidity Provider Token (JLP) $ 4.20
USDT0 (USDT0) $ 1.00
Binance-Peg WETH (WETH) $ 2,294.23
Algorand (ALGO) $ 0.159831
KuCoin (KCS) $ 10.91
Arbitrum (ARB) $ 0.274728
Worldcoin (WLD) $ 0.822611
Binance Staked SOL (BNSOL) $ 140.78
Sei (SEI) $ 0.213438
NEXO (NEXO) $ 1.14
Flare (FLR) $ 0.016715
Rocket Pool ETH (RETH) $ 2,621.60
Kaia (KAIA) $ 0.182996
Kelp DAO Restaked ETH (RSETH) $ 2,411.56
Jupiter (JUP) $ 0.354561
Polygon Bridged USDT (Polygon) (USDT) $ 1.00
Celestia (TIA) $ 1.47
Binance Bridged USDC (BNB Smart Chain) (USDC) $ 0.996266
PayPal USD (PYUSD) $ 0.999582
Injective (INJ) $ 10.01
Bonk (BONK) $ 0.000013
SPX6900 (SPX) $ 1.01
XDC Network (XDC) $ 0.057986
Virtuals Protocol (VIRTUAL) $ 1.40
Optimism (OP) $ 0.509249
Stacks (STX) $ 0.575020
PAX Gold (PAXG) $ 3,393.69
Solv Protocol BTC (SOLVBTC) $ 101,511.00
Fartcoin (FARTCOIN) $ 0.859088
Mantle Staked Ether (METH) $ 2,459.40
StakeWise Staked ETH (OSETH) $ 2,416.23
