Reports indicate that the decentralized finance (DeFi) protocol Curve was hacked for $570,000 in Ethereum after people noticed that the front end of the curve was exploited. The attackers then tried to launder funds through the crypto exchange FixedFloat, and the trading platform’s team managed to freeze $200K worth of the stolen funds.
Curve Finance Exploited For $570K – FixedFloat Exchange Freezes Over $200K, Domain Services Are To Blame
Another DeFi hack was discovered on 9 August, when Paradigm researchers samzson tweeted That the frontend of Curve Finance was compromised. Curve Finance confirmed the problem on Twitter and the team was later able to roll back the exploit found on the frontend. “The problem has been detected and retracted,” Curve Told, “If you have approved a contract on Curve in the last few hours, please cancel immediately.”
I@ Curve Finance Frontend is compromised, don’t use it until further notice!
— samczsun (@samczsun) 9 August 2022
When asked by Curve could the team “explain how the name servers were compromised?” curve replied: “That we do not know. Most likely, [iwantmyname.com] Hacked himself.” On-chain researchers Zachxbt Told that the hacker managed to escape $570K, The funds were sent to Bitcoin Lightning Network-powered exchange FixedFloat, and the exchange noted that the team managed to freeze some of the funds.
“Our security department has frozen part of the money in the amount of 112″ [ether], For our security department to be able to resolve what happened as quickly as possible, please email us” FixedFloat wrote, Steven FergusonThe founder of TCPShield further verified that it was possible that the domain service iwantmyname.com had been breached.
“At 20:26 UTC on August 9th, I was pinged about this” [Curve fi’s] Frontend is being compromised in what appears to be a nameserver hijack [iwantmyname.com]Ferguson said. The founder of TCPShield said:
It appears not as a hijacking at the registrar level, but at the system. [iwantmyname.com] compromised himself.
The Curve attack follows a large number of DeFi hacks over the past few weeks, as the Solana-based Slope wallet was breached, Crema Finance lost $8.7 million, and Rari Capital’s Fuse platform lost $80 million. was hacked. Furthermore, $1.3 billion was stolen in the first quarter of 2022, and most of the attacks this year were from DeFi projects.
After the Curve attack, the Curve team has been Tweet A walkthrough on how users can cancel a smart contract. After issues are found and returned, Curve Finance Told: “Should have been promoted for the update [Curve] So far everywhere, which means it should be safe to use.” Curve Finance today has a total value locked (TVL) of $6.13 billion, making it the fifth largest DeFi protocol in terms of TVL size.
What do you think about the Curve Finance hack that happened on August 9? Let us know what you think about this topic in the comment section below.
image credit: Shutterstock, Pixabay, WikiCommons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation or recommendation or endorsement of an offer to buy or sell any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the Company nor the author is responsible, directly or indirectly, for any damage or loss alleged to be caused by or in connection with the use or reliance on any materials, goods or services mentioned in this article.