Decentralized Finance (DEFI) Protocol Curve Finance warns that a hacker is re -alive a Domain Name System (DNS), sending users to a malicious website.
With the second attack on its infrastructure in one week, the “Curve.Fi DNS can be mashed. Don’t contact!” The team Says In a May 12’s warning to X.
In a follow-up post with a user asking if this is A hack or a hijackThe curve team Says The website “points to the wrong IP” when users try to visit. A DNS works like a directory that translates domain names into IP addresses.
The team too Says In another update that “password was safe,” its two-factor validation was set up a “long time ago,” and a question was sent to the “registrar today.”
“While all smart contracts are safe, domain names point to a malicious site that can drain your purse! We investigate and work on accessing access. There is no sign of a compromise on our side,” curve Says.
Curve finance is that -hit in a similar attacking in front of the end of August 2022. In a post-mortem, the consensus is that Attacks have managed to -Clone the Curve Finance website and i -reroute the DNS server on fake page.
Users who tried to use the platform drained their funds in a pool operated by attacks.
Cointelegraph contacted the curve finance for the comment.
Curve finance potential attack on front
Onchain security firm Blockaid also saw an unusual activity from the curve website recently, warning users to stay away and avoid contact today.
It can be a case of a “potential attack on the Frontend,” According to to the security firm, which is when hackers target Part of website users is in contact with, such as buttons, forms, or text on the site, to steal sensitive data.
“If you are connected, please refrain from signing the transactions and avoiding DAPP contacts until the issue is resolved. We are working closely with the affected partners. Lots of updates soon,” Blockaid said.
Related: Crypto hackers hit Defi for $ 92m in April while attacking double from March
Second attacking in a week
This is the second time curve finance has been targeting last week. On May 5, A hacker took the Official X hold.
“To clarify: The incident is limited to X account. No other curve accounts have been affected. No security issues found on our side, no user funds have been affected, and no victims of phishing links posted by the hacker,” the team said in a follow-up May 6 post.
Access to the curve Finance X Account is quickly restored, and the cause is still under investigation.
A murder of other high-profile x accounts also have Taken by evil actors this year. On May 2, the Tron Dao account was that -Hijack; Meanwhile, on April 15, a member of the UK Parliament, Lucy Powell, had His account was taken to promote a scam crypto token Called House of Commons Coin (HOC).
Magazine: Financial nihilism finished in crypto – it’s time to dream again big
