Curve Finance front end UI compromised in DNS hack – users advised not to interact

Update: Curve has announced the issue has been fixed and says it is safe to use again.

Samczsun, a researcher at Paradigm, is reporting that the Curve Finance front end has been compromised, with over $500k stolen within a matter of minutes.

The official Curve Finance Twitter has confirmed the news stating:

The founder of Rotkiapp, Lefteris Karapetsas, theorized that “It’s DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract.” Curve retweeted the theory in apparent support before following up with a further announcement;

The post Curve Finance front end UI compromised in DNS hack – users advised not to interact appeared first on CryptoSlate.

Source: https://cryptoslate.com/curve-finance-front-end-ui-compromised-in-dns-hack-users-advised-not-to-interact/