Attacks targeting blockchain companies show no sign of slowing down. Decentralized trading platform Curve Finance confirmed reports that its website had suffered a frontend attack on Tuesday.
“Don’t use the frontend yet. Investigating!” Curve Finance tweeted.
Hackers apparently compromised a Curve website or domain name to redirect unwitting users or their transactions to a malicious destination.
According to Web3 on-chain sleuth, Zachxbt, the thieves made off with $570,000 in ETH, which they sent to the FixedFloat cryptocurrency exchange to launder the money.
FixedFloat said it had frozen 112 ETH, around $191,088, of the stolen funds.
“Our security department has frozen part of the funds in the amount of 112 ETH. In order for our security department to be able to sort out what happened as soon as possible, please email us: info@fixedfloat.com,” FixedFloat tweeted.
Our security department has frozen part of the funds in the amount of 112 ETH. In order for our security department to be able to sort out what happened as soon as possible, please email us: info@fixedfloat.com
— FixedFloat⚡️ (@FixedFloat) August 9, 2022
Launched in 2020, Curve Finance is a decentralized exchange and automated market maker (AMM) for trading stablecoins and wrapped digital assets like wBTC and tBTC.
🚨 Curve UI is compromised
0x9Eb5F8e83359Bb5013f3D8eee60bDCe5654e8881 malicious contract, revoke approvals immediately
0x50f9202e0f1c1577822BD67193960B213CD2f331 attacker’s address from the contract’s storage
— banteg (@bantg) August 9, 2022
A few hours after its original notice, Curve Finance said the issue had been found and resolved.
“If you have approved any contracts on Curve in the past few hours, please revoke immediately,” the company warned, also advising its users to proceed cautiously. The curve.exchange website appeared unaffected, they reported, and uses a different domain name system or DNS than curve.fi.
Stay on top of crypto news, get daily updates in your inbox.
Source: https://decrypt.co/107120/stablecoin-trading-platform-curve-suffers-frontend-attack-report
