Curve Finance resolves hack from earlier today

Quick Take

  • Curve Finance had its front end hacked earlier today.
  • Curve resolved the issue and recommended that users revoke any approved contracts on its platform.



Curve Finance resolved a hack it suffered earlier today, the company said in a late-afternoon Twitter update.  

The hack was discovered when a Paradigm researcher tweeted that Curve's front end had been compromised.

The Curve team was able to find and revert the hack, and issued a statement asking people to revoke any contract approvals on its platform.

The hacker used a Domain Name Service (DNS) spoofing hack, cloning the site and redirecting the DNS point to their IP address. Then, they added approval requests to a malicious contract to steal the funds. 

Users who had connected to Curve with their web3 wallets were at risk of having their funds stolen. ZachXBT, an anonymous on-chain investigator, reported that the hacker took approximately $570,000. The hacker tried moving funds through FixedFloat, a fully automatic cryptocurrency exchange on the Bitcoin Lightning Network. The exchange froze and secured roughly $200,000 of the stolen funds.

"This did not appear to be a hijack at the registrar level, but rather systems at @iwantmyname compromised themselves," TCPShield founder Steven Ferguson tweeted. His company is a Distributed Denial-of-Service (DDoS) protection platform.

Curve Finance is one of the largest decentralized exchanges by total value locked (TVL), holding over $6 billion. 









© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.