Curve Finance, one of the leading DeFi protocols in Ethereum blockchain made headlines as it announced on its official social media accounts that it has been hacked. The DeFi service provider made a request on its Twitter account asking its users to refrain from using its frontend until further notice as they had found the same to be compromised.
Shortly after, they announced that an investigation was under progress but continued to request its clients to stop using curve.fi site as the same was believed to be compromised. According to updates from the firm, their site had been under a DNS spoofing attack and hackers had cloned their site. This resulted in any transactions being made via the site being redirected to hackers’ wallets. However, the firm mentioned in another tweet that their curve.exchange was working fine as it was under a different domain name. Users were requested to proceed with caution and can make transactions via curve.exchange in the meantime until the investigation was concluded.
The firm announced in a couple of hours that the issue had been identified and resolved, but requested its users to continue making transactions using curve.exchange until the propagation for their website curve.fi reverts to normal. Speaking of the attack, the firm clarified that the hack was a result of their DNS service provider “iwantmyname” being compromised. Meanwhile, they have requested users to revoke any transactions made in the last couple of hours. According to their telegram post, for those who wish to revoke their transactions, the contract that needs to be revoked is 0x9eb5f8e83359bb5013f3d8eee60bdce5654e8881 and the same can be done via https://revoke.cash/.
