The primary website of the decentralized crypto exchange Curve.Finance got compromised in the latest instance of hacker exploits of crypto platforms. According to publicly available information, about $570,000 worth of crypto tokens were stolen by hackers.
The hack was discovered when a researcher at Paradigm tweeted that Curve’s front end had been compromised.
Following the news of the hack, the price of CRV tokens dropped by over 10% to $1.28.
How was it done?
According to reports, the hacker used a Domain Name Service (DNS) spooking hack, cloning the website and redirecting the DNS point to their IP address. The hackers then added an approval request to a malicious contract which enabled them to steal the funds. Users who were connected to the MetaMask wallet were at greater risk of having their funds stolen.
Remedial action
On discovering the hack of their website, Curve.Finance team asked users to revoke any contract approval on its platform and advised them not to use curve.exchange or curve.fi until the developers locate the source of the exploit.
The hackers tried to move the stolen funds through FixedFloat, a crypto exchange on the Bitcoin Lightning Network. However, developers on Curve.Finance were able to successfully freeze and recover roughly $200,000 of the stolen funds.
The incident comes days after the hack of Solana wallets, in which close to $8 million of investors’ wealth was stolen and over 8,000 wallets compromised.
FAQs
Has Curve Finance ever been hacked?
Yes, Curve Finance has been hacked multiple times, with notable incidents resulting in significant financial losses.
Which DeFi platform hacked?
Curve Finance, a DeFi platform, has been the target of hacking incidents.
What are the top 5 DeFi hacks?
The top 5 DeFi hacks include Curve Finance hacks, which resulted in losses exceeding $40 million, along with other notable incidents involving platforms such as Uniswap, SushiSwap, and others.
How many hacks are there in DeFi?
There have been numerous hacks in the DeFi sector, with incidents occurring frequently between 2021 and 2023, resulting in substantial financial losses exceeding billions of dollars.
