Earlier today, twitter user @samczsun tweeted about Curve Finance having a potential issue.
Curve Finance’s domain name had been cloned and hijacked, and a fake site with created.
While Curve, a decentralized exchange, had no problems with its own smart contracts, the attacker had uploaded malicious contracts for users to interact with.
At the time of writing, the attacker’s Ethereum wallet has stolen more than $600K in tokens, and has transferred most of it into Tornado Cash.
Curve Contracts Safe
While the front end was compromised, the regular curve contracts are still operation.
If users are worried that they may have been affected, they can revoke the following contract: 0x9eb5f8e83359bb5013f3d8eee60bdce5654e8881 on sites such as revoke.cash.
Instead of their smart contracts failing, it seems that their domain provider, iwantmyname, was overridden. Curve has since switched providers.
While the losses have been mitigated quickly, the implications are large.
While bridges and smart contracts are being increasingly upgraded, Web2.0 DNS (Domain Name Service) attacks are something crypto has not dealt with yet.
If Uniswap were to get hijacked for even a minute, millions in swap volume could be stolen.
[Editor’s Note: This article does not represent financial advice. Please do your own research before investing.]
Featured Image Credit: Chain Debrief