Curve Finance has successfully resolved the hack after experiencing an exploit hours ago.
Curb Finance Team report We have announced that we have resolved the hack that occurred on Tuesday, August 9th.
The hack was discovered after Paradigm researchers notified the community that the Curve front end had been compromised.
Following this notice, the Curve team was able to identify and undo the hack in a statement issued on Twitter hours earlier. The Curve Finance team said:
“The problem has been found and reverted. If you have approved a contract with Curve in the last few hours, please revoke it immediately. Until the propagation of http://curve.fi returns to normal, for the time being http Please use ://curve.exchange.”
The Curve team has asked a community member to revoke their contract approval on their platform.
Attackers used a Domain Name Service (DNS) spoofing hack to clone the Curve website and redirect DNS points to IP addresses. Hackers added authorization requests to malicious contracts to steal funds.
After the attack, users who used MetaMask wallets to connect to Curve were at risk of having their funds stolen by hackers.
ZachXBT, an anonymous on-chain investigator, revealed that the attackers received approximately $570,000. The attacker attempted to move funds through He FixedFloat, a fully automated cryptocurrency exchange on the Bitcoin Lightning Network.
However, the cryptocurrency exchange froze trading and recovered about $200,000 of the stolen funds.
TCPShield founder Steven Ferguson said:
“It appears that @iwantmyname’s system itself was compromised, rather than a hijack at the registrar level.”
TCPShield is a distributed denial of service (DDoS) protection platform.
Curve Finance is one of the world’s leading decentralized exchanges, with over $6 billion in total value locked (TVL).
Over the last few months, the DeFi protocol has continued to attract the attention of hackers, with massive attacks spreading across various blockchains such as Solana, Ethereum, and BNB chains.