A major cyberattack struck Curve Finance, a top decentralized finance platform, causing its token, CRV, to fall 7%. Hackers hijacked the platform’s domain name system, redirecting users to a fake website designed to steal funds. The breach, the second this month, has disturbed the DeFi community, exposing ongoing security risks in the crypto space.
DNS Attack Plunges CRV 7%
The attackers reportedly gained access to Curve’s DNS settings, rerouting the platform’s legitimate website to a malicious copy. This fake site tricked users into connecting their crypto wallets, potentially allowing hackers to drain funds. Curve’s team confirmed the attack, noting that the core smart contracts and blockchain infrastructure were unaffected.
However, users who interacted with the fraudulent site risked significant losses, with early estimates suggesting millions in stolen assets, though exact figures are still being calculated. The market reacted swiftly to the news with a 7% plunge in CRV’s value, reflecting investor fears. Cybersecurity experts, including Blockaid, classified it as a front-end attack, emphasizing the danger of compromised user interfaces in DeFi.
Curve’s Response Measures
Curve Finance acted quickly, posting alerts on X to warn users against visiting the compromised website. The team is working with their domain registrar and affected partners to regain control of the domain and restore secure access. The firm has promised regular updates as it addresses the issue.
This attack mirrors a 2022 incident where hackers cloned Curve’s website and manipulated its DNS, carting away user funds through a similar fake interface. The event exposed weaknesses in DeFi’s centralized components, like domain systems, which remain vulnerable despite secure blockchain protocols. Curve’s rapid response aims to minimize damage, but the repeated attacks likely raise concerns about persistent security challenges.
Curve Finance is racing to recover from this DNS hijacking, focusing on securing its platform and reassuring users. While its smart contracts remain intact, the financial losses and 7% CRV drop signal a tough road ahead. The DeFi giant is moving to rebuild trust and strengthen its defenses to maintain its position in the fast-growing crypto market.
