Curve Finance

Automated market maker Curve Finance used Twitter on Tuesday to alert users of a danger on its platform. The protocol’s developers saw that the problem, which seemed to be a malicious actor’s attack, was affecting the service’s nameserver and frontend.

According to reports, the attacker was a hacker who intended to use the platform as a way to steal money from unsuspecting users. Later, Curve revealed that its staff had identified and fixed the website’s problem. However, it asked users to withdraw any contracts they had approved on Curve.

According to on-chain data, the malicious contract has taken approximately $573,000 in USDC and DAI from eight different victims. The funds were instantly moved to the attacker’s wallet and exchanged for ETH tokens. The hacker sent funds to the cryptocurrency exchange FixedFloat, initially in batches of 45 ETH, then in sums ranging from 20 to 22 ETH.

Chronology of the hacker attack
  1. Hackers stole around $570,000 from the Curve Finance, decentralized financial protocol.
  2. Samczsun, a Twitter user, predicted that the suspected attacker had most likely utilized DNS spoofing to exploit the service while it was still active.

3. Curve later confirmed the active exploit on Twitter.

4. The Curve team speculated that the attacker cloned the Curve site, directed the Domain Name System (DNS) to the false site, and then added approval requests to the malicious contract. It was also said that, in contrast to curve.fi, curve.exchange seemed to be unaffected.

5. Curve stated that the DNS server provider Iwantmyname was most likely compromised, and that it has now changed its nameserver. A nameserver works similar to a directory, converting domain names into IP addresses. While the hack was still active, Twitter user LefterisJP claimed that the suspected attacker had most likely used DNS spoofing to execute the exploit on the service.

6. The team acted fast to resolve the issue. Following the initial warning, Curve claimed that it had found and resolved the issue, and recommended clients “immediately” withdraw any contracts they had recently accepted.

7. The Curve team confirmed on Twitter that the exploit had been fixed and asked Curve users to withdraw any Curve contracts they had accepted in the previous few hours.

8. FixedFloat reported that funds worth 112 ETH (about $191,000) had been blocked in relation to the attack.

About Curve Finance

Curve Finance is a DeFi system that offers “very efficient” stablecoin trading services with low slippage and fees. With approximately $6 billion in total value locked in, it is considered a pillar of the DeFi ecosystem.

Analysts noted in July that they were favorably evaluating Curve Finance, despite the market downturn that is currently affecting the larger DeFi sector. Delphi Digital researchers cited the platform’s yield potential, demand for Curve DAO Token (CRV) deposits, and the protocol’s income generation through stablecoin liquidity as reasons for their confidence.

This happened after the company published a brand-new “algorithm for exchanging volatile assets” in June. They promised low-slippage swaps between “volatile” assets. These pools combine a bonding curve method, formerly employed by well-known automated market makers like Uniswap, with internal oracles relying on exponential moving averages (EMAs).

⬆️In addition, for more cryptocurrency news, check out the Altcoin Buzz YouTube channel.

⬆️Above all, if you want to find the most undervalued gems, up-to-date research, and NFT buys with Altcoin Buzz Access. Join us for $99 per month now.

LEAVE A REPLY

Please enter your comment!
Please enter your name here

This site uses Akismet to reduce spam. Learn how your comment data is processed.