Curve Finance warns its DNS to be hijacked again

PANews reported on May 13 that according to Cointelegraph, the DeFi protocol Curve Finance issued a warning that its domain name system (DNS) was hijacked by hackers and users were directed to malicious websites. On May 12, the Curve team released a message on the X platform, reminding users that "curve.fi's DNS may have been hijacked, please do not interact." The team explained that the website pointed to the wrong IP address when the user visited. DNS is like a directory that is responsible for converting domain names to IP addresses. The Curve team also said that the password is secure and the two-factor authentication has been set up for a long time and has contacted the domain name registrar. Although the smart contract is currently safe, the domain name points to a malicious website, which may exhaust user wallet funds. The team is investigating and working hard to restore access, but no loopholes are found.

On-chain security company Blockaid detected an abnormality in Curve website, warning users to stay away and avoid interaction, saying that this may be a "potential front-end attack". Hackers stole data in part of the user interaction, reminded connected users not to sign transactions, avoid interacting with the decentralized application, and said that more updates will be released as soon as possible.