Curve Finance Warns Its DNS Has Been Hijacked Again

DeFi protocol Curve Finance has once again fallen victim to a DNS hijacking attack, leaving users worried about the security of their funds. The latest incident marks the second time in as many weeks that the platform's domain name system has been compromised, sending unsuspecting users to malicious websites.

A Warning from Curve Finance

On May 12, Curve Finance issued a warning to its community, stating that "the curve.fi DNS might be hijacked. Don't interact!" The team emphasized the importance of not signing transactions or engaging with the platform until the issue is resolved.

A Closer Look at the Attack

According to Blockaid, an onchain security firm, it's possible that the attack was a front-end attack, targeting the part of the website users interact with, such as buttons, forms, or text. This type of attack can be particularly insidious, as hackers can steal sensitive data without needing to access the underlying smart contracts.

"If you're connected, please refrain from signing transactions and avoid interactions with the DApp until the issue is resolved," Blockaid warned. "We're working closely with affected partners. More updates soon."

A History of Similar Attacks

Curve Finance has faced a similar front-end attack in August 2022, which saw hackers clone the platform's website and reroute DNS servers to a fake page. Users who attempted to use the platform had their funds drained into a pool operated by the attackers.

A Lesson in Caution

The latest incident serves as a reminder to be vigilant when interacting with DeFi protocols. With high-profile attacks on the rise, it's essential for users to stay informed and take proactive measures to protect themselves.

Investigation Underway

Curve Finance has confirmed that an investigation is underway to recover access to its DNS system. The team assures users that there is no sign of a compromise on their side, but emphasizes the importance of caution until the issue is resolved.

A Call to Action

Blockaid's warning serves as a call to action for all users to exercise caution when interacting with Curve Finance or any other DeFi protocol. By staying informed and taking proactive measures, users can minimize their risk of falling victim to similar attacks in the future.

A New Era of Caution

The rise of DNS hijacking attacks on DeFi protocols marks a new era of caution for users. As the space continues to evolve, it's essential for platforms and users alike to prioritize security and remain vigilant against emerging threats.