No One's Safe: Curve Hacked?!
0x162F
August 11th, 2022

...well kind of hacked.  On Tuesday, a flurry of messages on Twitter, Telegram, Discord, and more platforms began to hit the crypto community of a possible hack of Curve, arguably the most used DeFi protocol.  Curve eventually responded with the issue with its nameserver for Curve.fi, not necessarily an issue with the protocol itself:

It seems that malicious actors were able to access the nameserver for Curve.fi, change the DNS entry to point to their own malicious site that had a Curve clone, which looked exactly like the original site, aka DNS spoofing:

Curve was able to fix the issue within the hour, and directed users to revoke any contracts made within the period of the "hack".  The malicious actors were able to siphon ~$573,000 before Curve's fix:

Curve is quintessential in the DeFi world as most use it as a launching board into earning with other protocols (deposit into Curve, and take the resulting LP token into other protocols such as Convex for more rewards.  A proper hack of Curve might have resulted in a MUCH bigger problem than what as experienced...

Written by: nikethereum.eth / Medium / Mirror

Subscribe to nikethereum.eth
Receive new entries directly to your inbox.
Collectors
View
#1
#2
#3
View collectors
This entry has been permanently stored on-chain and signed by its creator.