Skip to content
TechnologyFintechIndustryDappCryptoDecentralizedProtocolCybersecuritySmart contractFinanceDefi

Curve Finance Purportedly Subject to Cyberattack, Users Advised to Steer Clear of Platform's Website

DNS Hijacking Poses Threat: Curve Finance Issues Alert; Disruptions Reported in Decentralized Finance (DeFi) Projects. Users Advised to Steer Clear of curve.fi.

 and  Administrator
3 min read
DNS hijacking alert raised by Curve Finance; Decentralized Finance initiatives document service...
DNS hijacking alert raised by Curve Finance; Decentralized Finance initiatives document service interruptions. Users cautioned against engaging with curve.fi.

Curve Finance Purportedly Subject to Cyberattack, Users Advised to Steer Clear of Platform's Website

Hack Alert: Curve Finance's Decentralized Finance Platform Under Attack

Looks like the finance world's gotta a problem – major DeFi protocol Curve Finance has been hacked! That's right, folks, the team themselves took to X (used to be Twitter) with an urgent warning for users: stay clear of their platform!

The nitty-gritty details are a bit hazy, but it seems like Curve Finance might've fallen prey to a wicked DNS hijack. And that's not all – multiple DeFi projects like Convex Finance and Resupply, which rely on Curve's data, are suffering service disruptions because of this DNS mess-up.

But don't you worry, both Convex and Resupply confirmed their platforms are tight and secure, despite the rough patch happening with Curve. They're just waiting for Curve to sort out their online domain crap and get back online.

Now, this situation is all about the DNS layer, the system that converts a website address into its server's actual location. Crooks got their grubby hands on that system and goofed it up. Luckily for us, Curve has already moved over to a new domain, curve.finance, ensuring the bad guys don't find a way in through the old one.

To put your fears to rest, user funds are safe and sound, says Curve. Their smart contracts and the overall protocol are still operating smoothly and securely. The team is hard at work to thoroughly investigate this mess and prevent further trouble down the road.

This little snafu is a perfect reminder of the risks associated with DeFi frontends, which unlike decentralized contracts, are still susceptible to traditional attacks like DNS hijacking. So if you're messing around with projects connected to Curve, chillax and keep your wallets protected – don't sign any transactions or fiddle with Curve-related dApps.

The team at Curve is working hand in hand with partners to clear up this mess and bring everything back to normal. Keep your eyes peeled for future updates as the investigation continues.

It's high time for DeFi protocols to give frontend security a damn good look-over, seeing as recent hacks have shown that the front end remains an open door for crooks, even in decentralized structures.

This story's still unfolding...

Investment Platforms*eToro*Plus500**Arkham**Moonacy

Folks, remember this: I'm just chatting with you, kicking back, and dishing out the latest news. You should check facts independently and run everything you read by a professional before making any moves based on this. And don't forget to take a gander at our updated Terms and Conditions, Privacy Policy, and Disclaimers.

Note: This hack took place on May 12, 2025. Curve's original domain, Curve.fi, got hijacked, redirecting users to a copycat site, which could trick users into signing shady transactions that might empty their wallets. The attackers targeted the DNS system and didn't manage to breach Curve's internal systems or user funds. The domain registrar, iwantmyname, came under fire for its delayed response to revoking the hijacker's control of the domain. The CRV token price took a tumble following the incident, falling to around $0.7274 on account of distrust among investors. The hack highlighted potential risks in DeFi ecosystems, where front-end domains can be hijacked to launch phishing attacks. Enhancing domain security and user awareness is crucial for the safety of DeFi projects and their users.

  1. The recent hack on Curve Finance, a major player in the DeFi industry, serves as a stark reminder of the risks associated with Decentralized Finance (DeFi) frontends, even in decentralized structures.
  2. Despite the hack on Curve Finance's platform, user funds are safe and sound, according to the protocol's team, as the smart contracts and overall protocol are still operating securely.
  3. The technology behind DeFi, including smart contracts and protocols, is decentralized, making it less vulnerable to traditional attacks, but the frontends remain susceptible to hacking, as the DNS hijack incident on Curve Finance demonstrates.
  4. Cybersecurity measures, particularly at the domain level, are crucial for the safety of DeFi projects and their users, as demonstrated by the recent incident involving Curve Finance's domain, iwantmyname.
  5. In the aftermath of this hack, it's essential for DeFi protocols to prioritize frontend security to prevent future attacks and protect users' investments, as recent events have shown that the front end remains an open door for cybercriminals.

Read also:

    Related

    Latest