crypto

Curve Finance: Issue Found And Reverted, CRV Sees 10% Losses

admin

[ad_1]

Via their official Twitter handle, the Ethereum-based decentralized finance (DeFi) protocol Curve Finance has confirmed a vulnerability in their nameserver or frontend curve.fi which was successfully reverted. Earlier, the team behind the project advised caution to its users and claimed an investigation has been launched to look into any potential vulnerabilities exploit.

The team behind the project said:

The issue has been found and reverted. If you have approved any contracts on Curve in the past few hours, please revoke immediately. Please use curve.exchange for now until the propagation for curve.fi reverts to normal

The team behind the project shared a potential theory about what could be affecting their frontend. A bad actor might have “cloned” their frontend, making it look like it is the same as the Curve Finance product, to affect people accessing it.

The team behind the project shared the following theory from Lefteris Karapetsas, founder of Rotkia App, about the attack affecting their Domain Name System (DNS):

It’s DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract.

Therefore, anyone attempting to access Curve Finance’s curve.fi frontend should refrain from it until there are more details behind the potential attack. In a separate tweet, the team behind the project said that curve.exchange frontend seems to be unaffected.

Any Curve Finance user should revoke transaction approval for the following ETH smart contract addresses: 0x9Eb5F8e83359Bb5013f3D8eee60bDCe5654e8881 and watch out for transactions from address 0x50f9202e0f1c1577822BD67193960B213CD2f331 which the attacker could be using.

Curve Finance Tokens Sees Correction Following Attack

Curve Finance is, at least, the fourth project to be impacted by this DNS hijacking attack, according to Karapetsas. Other DeFi projects victims of these attacks include Ribbon Finance, DeFi Saver, and Convex Finance. Alex Smirnov, a co-founder of deBridge, said the following about this recent attack:

DNS is always a weak link. Here is how we solve this in deBridge and I think every DeFi project should have this.We have an automated monitoring system that checks the hash of the website and all its files. In case hash is changed, critical monitoring is immediately triggered.

Curve Finance claims that the issue could have originated from iwantmyname a DNS manager, but they are yet to offer more details about the incident. As the attack unveiled, the CRV token recorded a 10% correction in the past 24 hours.

CRV’s price trends to the downside on the 4-hour chart. Source: CRVUSDT Tradingview



[ad_2]

You Might Also Like

How to earn bitcoins fast

How to Tell If a Cryptocurrency is a Scam or Not

Tips to Avoid Losing In Cryptocurrency Trading

How to Sell Products Online with Bitcoins – The Ultimate Guide

Get a Cryptocurrency Trader Certification to Get Ready For The Big Game!

Share this Article
Previous Article Ford raises F-150 Lightning prices across the board – TechCrunch
Next Article Daily Crunch: WhatsApp extends its unsend time limit to ‘a little over two days’ – TechCrunch

Latest News

earn bitcoins fast
How to earn bitcoins fast
crypto
Cryptocurrency is a Scam or Not
How to Tell If a Cryptocurrency is a Scam or Not
crypto
Losing In Cryptocurrency Trading
Tips to Avoid Losing In Cryptocurrency Trading
crypto
Sell Products Online with Bitcoins
How to Sell Products Online with Bitcoins – The Ultimate Guide
crypto
Lost your password?