News

Curve Finance team warns users to avoid using site until further notice

Curve Finance team warns users to avoid using site until further notice

On Aug 9, automated market maker Curve Finance took to Twitter to warn users of an ongoing exploit on its site. The team behind the protocol noted that the issue, which appears to be an attack from a malicious actor, is affecting the service’s nameserver and frontend.

Don’t use https://t.co/vOeMYOTq0l site – nameserver is compromised. Investigation is ongoing: likely the NS itself has a problem

— Curve Finance (@CurveFinance) August 9, 2022

Curve stated via Twitter that its exchange — which is a separate product — appeared to be unaffected by the attack, as it uses a different DNS provider. The team still encouraged users to exercise caution when interacting with the site, however.

Although you need to proceed with caution, but https://t.co/6ZFhcToWoJ seems to be unaffected – uses a different DNS provider

— Curve Finance (@CurveFinance) August 9, 2022

Twitter user LefterisJP speculated that the alleged attacked had likely utilized DNS spoofing the execute the attack on the service:

It’s DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract.

— Lefteris Karapetsas | Hiring for @rotkiapp (@LefterisJP) August 9, 2022

Other participants in the DeFi space quickly took to Twitter to spread the warning to their own followers, with some noting that the alleged thief appears to have stolen more than $573K USD at time of publication.

Alert to all @CurveFinance users, their frontend has been compromised!

Do not interact with it until further notice!

It appears around $570k stolen so far #defi #crypto $crv

— Assure DeFi (@AssureDefi) August 9, 2022

This story is in development, and will be updated as more information becomes available.





Source: https://cointelegraph.com/news/breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice

Leave a Reply

Your email address will not be published. Required fields are marked *