Curve fixed the bug caused by a hacker attack

According to the team’s statement on Twitter, it appears that the bug found in the Curve Finance protocol was fixed after a hacker attack.

Updates should have propagated for https://t.co/vOeMYOTq0l everywhere by now, which means it should be safe to use

— Curve Finance (@CurveFinance) August 10, 2022

What happened to Curve Finance

Yesterday morning, the DeFi project had been attacked, as stated by the Paradigm researcher in a social media post:

???@CurveFinance frontend is compromised, do not use it until further notice!

— samczsun (@samczsun) August 9, 2022

In essence, a hacker had hijacked the website’s Domain Name Service (DNS) and those who interacted with the homepage by logging into Curve had their MetaMask wallet emptied of their funds.

The Curve team immediately alerted users, urging them to use a different link to access the platform.

The issue has been found and reverted. If you have approved any contracts on Curve in the past few hours, please revoke immediately. Please use https://t.co/6ZFhcToWoJ for now until the propagation for https://t.co/vOeMYOTq0l reverts to normal

— Curve Finance (@CurveFinance) August 9, 2022

CZ Zhaopeng, the CEO of Binance, had also warned users on Twitter:

Curve. finance had their DNS hijacked in the past hour. Hacker put a malicious contract on the home page. When the victim approved the contract, it would drain the wallet. Damage is around $570k so far. We are monitoring.

— CZ ? Binance (@cz_binance) August 9, 2022

In fact, the Curve DAO token is listed on the exchange. At the time of writing this article, CRV is losing 4%, according to CoinMarketCap data, while it has lost as much as 83% in trading volume over the past 24 hours.

According to ZachXBT, an anonymous investigator of what is happening on-chain, the hacker reportedly managed to steal $570,000, which was allegedly moved to FixedFloat, a Bitcoin exchange based on the Lightning Network second layer. 

Looks like $570k stolen

0x50f9202e0f1c1577822BD67193960B213CD2f331 pic.twitter.com/IG6nIKVv59

— ZachXBT (@zachxbt) August 9, 2022

The exchange, after being alerted, managed to block some of the funds, namely $200,000.

Curve Finance is one of the most well-known DeFi projects with a Total Value Locked (TVL) of as much as $6 billion. Notably, Curve stands as the second most used protocol in decentralized finance, after Maker.

Hacker attacks against DeFi

Unfortunately, bugs and hacker attacks against decentralized finance protocols are quite commonplace.

In early August it was the turn of Nomad, a cross-chain bridge, which had seen hackers steal about $200 million.

In late June hackers had also stolen $100 million in Ethereum from the Harmony ecosystem.

In April, CoinMarketCap itself had also lost $130,000 in a phishing attack.

To avoid nasty surprises, the experts’ advice is always to double-check that the site or platform with which people interact with their wallet is the official one and not to click on links received via email or SMS.