Curve Finance warns its DNS has been hijacked again

Summary

Curve Finance has experienced a DNS hijacking, redirecting users to a malicious website. The team issued a warning on May 12, advising users not to interact with the site. The DNS issue causes the domain to point to an incorrect IP address, posing a risk of wallet drainage. Curve confirmed that all smart contracts remain secure and that two-factor authentication is intact. They are investigating the incident and have contacted their registrar for assistance. This marks the second attack within a week; a previous incident involved the takeover of Curve's official X account on May 5, which was quickly resolved without impacting user funds. Onchain security firm Blockaid has also detected unusual activity and advised users to avoid interactions with the platform until the situation is resolved.

Related News