Curve Finance has confirmed a DNS spoofing attack on its primary domain, curve[.]fi, warning users to steer clear of the website until further notice.
The incident comes just days after the protocol’s X (formerly Twitter) account was also compromised.
The team has shifted operations to an alternate domain, curve[.]finance, and emphasized that user funds are safe and the protocol’s infrastructure remains unaffected. The issue is reportedly isolated to the DNS layer.
Wallet services like Phantom have already blocked access to the compromised domain and are issuing warnings to users.
Curve is working with its domain registrar, security partners, and industry contacts to investigate and resolve the breach. A full security review is underway.
Kosta Gushterov
Reporter at Coindoo
Kosta has been a part of the team since 2021 and has solidified his position with a thirst for knowledge, incredible dedication to his work and a “detective-like” mindset. He not only covers a wide range of trending topics, he also creates reviews, PR articles and educational content. His work has also been referenced by other news outlets.
Source: https://coindoo.com/curve-finance-hit-by-dns-attack-urges-users-to-avoid-site/