Curve Finance Hacked, $570k Stolen!

Ayesha Yousuf
August 25, 2022

NEWSLETTER

Drop your email to read the BlockApex newsletter and keep yourself updated around the clock.

    Table Of Content

    Share:

    On Tuesday, 9th August, Curve Finance suffered from a DNS attack causing theft of a whooping $570,000+ USD. 

    Curve Finance is a stablecoin decentralized exchange (DEX) that runs on the Ethereum blockchain. 

    The attacker targeted the front end where the suspected hacker appears to have changed the domain name system (DNS) entry for the protocol, forwarding users to a fake clone website and approving a malicious contract. The program’s contract remained uncompromised, however.

    The team behind the protocol noticed the issue and tweeted to warn the users about the exploit. 

    A few hours after the exploit Curve again tweeted confirming both that they have found the issue and also reverted it. They also asked the user to immediately revert any contract they have approved on Curve prior. 

    Curve explained that it was most likely that the DNS server provider Iwantmyname was hijacked. On the other hand, the exploit was going on, Twitter user LefterisJP speculated that the alleged attacker had likely utilized DNS spoofing to execute the exploit on the service. 

    Other users quickly noticed and tweeted to warn the users that the alleged thief appears to have stolen more than $573,000 USD. 

    Also read, GAMEFI: FUTURE OF GAMING OR SHORT-LIVED GIMMICK?

    More Weblogs

     Off-Chain Security: A Rising Reason For Recent Hacks?

    An off-chain transaction deals with values outside the blockchain and can be completed using a lot of methods. To carry out any kind of transaction, both functioning entities should first be in agreement, after that a third-party comes into the picture to validate it.

    Ayesha Yousuf
    February 23, 2022
    Vaccify - Building a Resilient Digital Trust Ecosystem

    Vaccify is an open-source COVID-19 Initiative of TrustNet. The idea behind it is to issue digital certificates to people who are vaccinated (once the vaccine is available) for COVID-19. It is a Blockchain-based digital identity eco-system for all hospitals, healthcare centers, laboratories, and testing facilities across Pakistan.

    Zainab Hasan
    December 15, 2020
    Transparency Series Part One: Diving Into Composable Smart Contracts

    omposable smart contracts bring about certain problems in particular during the auditing phase. One of these is the hindering of end-to-end (E2E) testing. Often it is the case that for calling even just one function of a composable smart contract, multiple other contracts are required to be deployed.

    Sarah Imran
    February 7, 2022
    Designed & Developed by: 
    All rights reserved. Copyright 2023