Make Kitco Your Homepage

Hackers steal $611,500 worth of user’s funds by hijacking the Curve Finance homepage

Kitco News

Editor's Note: With so much market volatility, stay on top of daily news! Get caught up in minutes with our speedy summary of today's must-read news and expert opinions. Sign up here!

(Kitco News) - Hackers continue to search for weaknesses in popular decentralized finance protocols, and Curve Finance is the latest platform to fend off an attack. On Tuesday the popular decentralized stablecoin exchange fell victim to a domain name system (DNS) hijack in which hackers briefly took control of the project's homepage.

The exchange posted a tweet on Tuesday warning users to refrain from using the website due to the front page being compromised after several users reported a change in the nameserver.

While the exact method used to conduct the attack remains unknown, developers for Curve posted an update around one hour after the attack began saying that the issue was resolved.

The team also encouraged anyone who had interacted with the platform recently to revoke any permissions given “immediately” in order to prevent any further loss of funds.

The attack appears to have been isolated to the front page of the platform, leaving its backend exchange which uses a completely different DNS unaffected. Users who attempted to interact with the compromised front page were redirected to a page controlled by the hackers, where the funds held in their wallet were subsequently drained.

It is estimated that a total of 605,000 USDC and 6,500 were stolen in the hack before Curve could fix the vulnerability, which the hackers immediately converted to 363 Ether (ETH) in an attempt to avoid having the USDC frozen by authorities.

The thieves laundered 27.7 ETH worth of the stolen funds through the now sanctioned Tornado Cash cryptocurrency mixer and sent 292 of the ETH acquired to the FixedFloat exchange and coin swap service.

FixedFloat managed to freeze 112 of the stolen ETH and provided 1 BTC address, 1 BSC address and 1 LTC address where the hackers withdrew the remaining stolen funds.


"Bitcoin price spikes 5.1% as U.S. inflation decelerates from its peak

An additional 20 ETH was deposited to a Binance hot wallet while an unknown exchange hot wallet received 23 ETH. The blockchain analytics firm Elliptic is currently tracking all wallet addresses associated with the hack and will inform the crypto community of any important updates.

Curve Finance is one of the top DeFi protocols in the cryptocurrency ecosystem, serving a crucial role as the main stablecoin exchange with a total value locked of $6.13 billion.

As news of the attack spread across social media, the price of the protocol's native CRV token plunged by 11.37% from a price of $1.40 to a low of $1.27.

CRV/USD 4-hour chart. Source: TradingView

Thanks to the rapid response in remedying the situation by the Curve team, the price of CRV managed to reverse its course and recover a majority of its lost ground, trading at a price of $1.366 by midday on Wednesday.

Disclaimer: The views expressed in this article are those of the author and may not reflect those of Kitco Metals Inc. The author has made every effort to ensure accuracy of information provided; however, neither Kitco Metals Inc. nor the author can guarantee such accuracy. This article is strictly for informational purposes only. It is not a solicitation to make any exchange in commodities, securities or other financial instruments. Kitco Metals Inc. and the author of this article do not accept culpability for losses and/ or damages arising from the use of this publication.