The decentralised trading platform Curve Finance confirmed that a frontend attack of about $ 570,000 had occurred on its protocol on August 9. The protocol immediately found and fixed the issue’s root cause after this announcement. The project’s team had warned users to proceed with caution and asserted that an investigation had been opened to look into any potential vulnerability.
When the victim connects to their wallet and approves the contract, the money will be taken out. The project’s team had warned users to proceed with caution and asserted that an investigation had been opened to look into any potential vulnerability.
The project’s team offered a potential theory regarding what might be affecting their frontend. In order to influence people who access it, hackers may have “cloned” their frontend to make it appear to be identical to the Curve Finance product.
Therefore, until more information about the potential attack is available, anyone trying to access Curve Finance’s curve.fi frontend should avoid doing so. The project’s team stated in a different tweet that the frontend of curve exchange appears to be unaffected.
Any user of Curve Finance should revoke transaction approval for the following ETH smart contract addresses: 0x9Eb5F8e83359Bb5013f3D8eee60bDCe5654e8881 and users should keep an eye out for transactions coming from the attacker’s potential use of address 0x50f9202e0f1c1577822BD67193960B213CD2f331.
Alex Smirnov, a co-founder of deBridge, remarked on the hack:
“DNS is always a weak link. Here is how we solved this in deBridge, and I think every DeFi project should have this. We have an automated monitoring system that checks the hash of the website and all its files. In case a hash is changed, critical monitoring is immediately triggered. “