Reports indicate that the decentralized finance (defi) protocol Curve was hacked for $570,000 in ethereum after people noticed that Curve’s front end was exploited. The attackers then tried to launder the funds via the crypto exchange Fixedfloat, and the trading platform’s team managed to freeze $200K worth of the stolen funds.
Curve Finance Exploited for $570K — Fixedfloat Exchange Freezes More Than $200K, Domain Service Blamed
Another defi hack was discovered on August 9, when the Paradigm researcher Samczsun tweeted that Curve Finance’s frontend was compromised. Curve Finance confirmed the problem on Twitter and later the team was able to revert the exploit found on the frontend. “The issue has been found and reverted,” Curve said. “If you have approved any contracts on Curve in the past few hours, please revoke immediately.”
When Curve was asked if the team could “go into detail about how the name servers were compromised?” Curve replied: “That we don’t know. Most likely, [iwantmyname.com] themselves got hacked.” The on-chain researcher Zachxbt reported that the hacker managed to get away with $570K. The funds were sent to the Bitcoin Lightning Network-powered exchange Fixedfloat, and the exchange noted that the team managed to freeze some of the funds.
“Our security department has frozen part of the funds in the amount of 112 [ether]. In order for our security department to be able to sort out what happened as soon as possible, please email us” Fixedfloat wrote. Steven Ferguson, the founder of Tcpshield, further verified that it was possible that the domain service iwantmyname.com was breached.
“On August 9th at 20:26 UTC, I was pinged regarding [Curve fi’s] frontend being compromised in what appears to be a nameserver hijack at [iwantmyname.com],” Ferguson said. The Tcpshield founder added:
This did not appear to be a hijack at the registrar level, but rather systems at [iwantmyname.com] compromised themselves.
The Curve attack follows a great number of defi hacks during the last few weeks, as the Solana-based Slope wallet was breached, Crema Finance lost $8.7 million, and Rari Capital’s Fuse platform was hacked for $80 million. Furthermore, $1.3 billion was stolen in Q1 2022 and most of the attacks stemmed from defi projects this year.
Following the Curve attack, the Curve team has been tweeting out walkthroughs on how users can revoke a smart contract. After the issues were found and reverted, Curve Finance said: “Updates should have propagated for [Curve] everywhere by now, which means it should be safe to use.” Curve Finance has $6.13 billion total value locked (TVL) today, making it the fifth-largest defi protcol in terms of TVL size.
Tags in this story
$6.13 billion TVL, 2022 Defi Hacks, Crema Finance, Curve attack, Curve fi frontend, Curve hack, Curve team, Curve.fi, decentralized finance, Defi Hack, domain service, Fixedfloat, frozen eth, frozen funds, Hack, iwantmyname.com, Name Service, Steven Ferguson, Tcpshield, Zachxbt
What do you think about the Curve Finance hack that occurred on August 9? Let us know what you think about this subject in the comments section below.
Jamie Redman is the News Lead at Bitcoin.com News and a financial tech journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He has a passion for Bitcoin, open-source code, and decentralized applications. Since September 2015, Redman has written more than 5,700 articles for Bitcoin.com News about the disruptive protocols emerging today.
Image Credits: Shutterstock, Pixabay, Wiki Commons
Disclaimer: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any products, services, or companies. Bitcoin.com does not provide investment, tax, legal, or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.