Curve Finance: Issue Found And Reverted, CRV Sees 10% Losses
09 August 2022 - 11:48PM
NEWSBTC
Via their official Twitter handle, the Ethereum-based decentralized
finance (DeFi) protocol Curve Finance has confirmed a vulnerability
in their nameserver or frontend curve.fi which was successfully
reverted. Earlier, the team behind the project advised caution to
its users and claimed an investigation has been launched to look
into any potential vulnerabilities exploit. Related Reading: TA- My
Neighbor Alice Could Be Set For A Major Bounce – Eyes $5 The team
behind the project said: The issue has been found and reverted. If
you have approved any contracts on Curve in the past few hours,
please revoke immediately. Please use curve.exchange for now until
the propagation for curve.fi reverts to normal The team behind the
project shared a potential theory about what could be affecting
their frontend. A bad actor might have “cloned” their frontend,
making it look like it is the same as the Curve Finance product, to
affect people accessing it. The team behind the project shared the
following theory from Lefteris Karapetsas, founder of Rotkia App,
about the attack affecting their Domain Name System (DNS): It’s DNS
spoofing. Cloned the site, made the DNS point to their ip where the
cloned site is deployed and added approval requests to a malicious
contract. Therefore, anyone attempting to access Curve Finance’s
curve.fi frontend should refrain from it until there are more
details behind the potential attack. In a separate tweet, the team
behind the project said that curve.exchange frontend seems to be
unaffected. Any Curve Finance user should revoke transaction
approval for the following ETH smart contract addresses:
0x9Eb5F8e83359Bb5013f3D8eee60bDCe5654e8881 and watch out for
transactions from address
0x50f9202e0f1c1577822BD67193960B213CD2f331 which the attacker could
be using. Curve Finance Tokens Sees Correction Following Attack
Curve Finance is, at least, the fourth project to be impacted by
this DNS hijacking attack, according to Karapetsas. Other DeFi
projects victims of these attacks include Ribbon Finance, DeFi
Saver, and Convex Finance. Alex Smirnov, a co-founder of deBridge,
said the following about this recent attack: DNS is always a weak
link. Here is how we solve this in deBridge and I think every DeFi
project should have this.We have an automated monitoring system
that checks the hash of the website and all its files. In case hash
is changed, critical monitoring is immediately triggered. Related
Reading: Ethereum Investors Close 300k Long Positions on Bitfinex,
Rally To Stop Soon? Curve Finance claims that the issue could have
originated from iwantmyname a DNS manager, but they are yet to
offer more details about the incident. As the attack unveiled, the
CRV token recorded a 10% correction in the past 24 hours.
Ethereum (COIN:ETHUSD)
Historical Stock Chart
Von Mär 2024 bis Apr 2024
Ethereum (COIN:ETHUSD)
Historical Stock Chart
Von Apr 2023 bis Apr 2024