Paradigm researcher Samczsun reports that the Curve Finance front end has been compromised, resulting in over $500,000. Stolen within minutes.
@Curve Finance Your front end is at risk. Do not use until further notice.
samczsun (@samczsun) August 9, 2022
Curve Finance’s official Twitter confirmed the news as follows:
Don’t use the front end yet. investigating! https://t.co/8kmtpGsLQQ
Curve Finance (@CurveFinance) August 9, 2022
Rotkiapp founder Lefteris Karapetsas theorized: He cloned the site, pointed DNS to the IP where the cloned site was deployed, and added an authorization request to the malicious contract. Curve retweeted the theory in apparent support before following up with further announcements.
Please do not use https://t.co/vOeMYOTq0l Sites Your nameservers are at risk.Investigating: NS itself may be the problem
Curve Finance (@CurveFinance) August 9, 2022
Post Curve Finance Front End UI Compromised in DNS Hack. Users were advised not to interact and it first appeared on CryptoSlate.