May 2, 2025
Blockchain

Curve Finance Users Lose $573,000 in Phishing Attack

  • August 11, 2022
  • 0

On August 9, unknowns took over the front end of Curve Finance DeFi protocol on the user side. As a result, users lost $573,000 worth of assets. #PeckShieldWarning

Curve Finance Users Lose 3,000 in Phishing Attack

Curve Finance Users Lose $573,000 in Phishing Attack
Curve Finance Users Lose $573,000 in Phishing Attack

On August 9, unknowns took over the front end of Curve Finance DeFi protocol on the user side. As a result, users lost $573,000 worth of assets.

PeckShield reports that the attackers transferred 27.7 ETH to the Tornado Cash platform, 292 ETH to the FixedFloat protocol (112 ETH blocked), and 20 ETH to Binance.

Curve Finance urged developers not to use the platform site until new recommendations. later they suggested using an alternative domain and revoking approval of the malicious contract if necessary.

The next day, the team released a report provided by the iwantmyname hosting service. He talks about “poisoning” the domain name system (DNS) protocol from an external provider and not compromising the server itself.

The attack occurred on August 9 ~ 19:00 (UTC). After the discovery, the experts shut down the servers and regained access to the servers at ~21:00 (UTC) the same day.

Analysis showed that server and provider infrastructures were not compromised. Root cause is still being sought.

“No one on the Internet is 100% immune to these types of attacks. What happened speaks of the urgent need to switch from DNS to another. ENS“, – Wrote in Curve Finance.

Recall that in July, the number of registrations in the Ethereum Name Service (ENS) domain name system soared to record highs.

ForkLog has previously reported attacks on DNS servers of DeFi projects, including Convex Finance, Allbridge, Ribbon Finance, and DeFi Saver. All of them used the services of Namecheap domain registrar.

Read ForkLog bitcoin news in our Telegram – cryptocurrency news, courses and analysis.

Source: Fork Log

Leave a Reply

Your email address will not be published. Required fields are marked *