The primary website of decentralized crypto exchange Curve.Finance got compromised in the latest instance of hacker exploits of crypto platforms. According to publicly available information, about $570,000 worth of crypto tokens were stolen by hackers.
The hack was discovered when a researcher at Paradigm tweeted that Curve’s front end had been compromised.
Following the news of the hack, the price of CRV tokens dropped by over 10% to $1.28.
How was it done?
According to reports, the hacker used a Domain Name Service (DNS) spooking hack, cloning the website and redirecting the DNS point to their IP address. The hackers then added an approval request to a malicious contract which enabled them to steal the funds. Users who were connected to the MetaMask wallet were at greater risk of having their funds stolen.
Remedial action
On discovering the hack of their website, Curve.Finance team asked users to revoke any contract approval on its platform and advised them not to use curve.exchange or curve.fi until the developers locate the source of the exploit.
The hackers tried to move the stolen funds through FixedFloat, a crypto exchange on the Bitcoin Lightning Network. However, developers on Curve.Finance were able to successfully freeze and recover roughly $200,000 of the stolen funds.
The incident comes days after the hack of Solana wallets, in which close to $8 million of investors’ wealth was stolen and over 8,000 wallets compromised.