Nefarious Activist Attacks Curve Finance, Steals $570k
Recent news has reported another theft incident in the digital currency sector; it occurred in an exchange liquidity pool, Curve Finance. The attackers accomplished their objective by hijacking the DNS of the exchange liquidity pool.
These bad actors used a program that created access to the protocol’s home page. Once the malicious contract was deployed on the protocol’s system home page, it only required approval to access its wallets.
Binance CEO, Changpeng Zhao, revealed that over $570K was stolen from the protocol’s wallets. He added that the hackers had their way into the protocol’s wallets due to its DNS system. He warned that using GoDaddy for DNS is not ideal, particularly for web3 projects. This is because of its insecurity, adding that GoDaddy is quite vulnerable to manipulations.
They use GoDaddy for DNS, which is insecure. No web3 projects should use that. Very susceptible to social engineering.— CZ 🔶 Binance (@cz_binance) August 9, 2022
The protocol was swift enough to spot the breach in its DNS. So, it quickly reported the hack of the nameserver, curve.fi. While that is true for the curve.fi nameserver, the curve exchange nameserver remained secure. This was because the DNS provider for the curve exchange nameserver differs from that of the curve finance.
Finance sent another Twitter message stating that the issue had been resolved. According to the message, the protocol has identified and reverted the problem. However, the team was instructed to terminate all the accepted contracts a few hours ago.
Curve Finance Overview
The market has several protocols, of which Curve Finance is the most recognized. It is a protocol with very significant DeFi (decentralized finance) projects.
According to the decentralized finance Llama site tracker data, the protocol’s deposits are over $6 billion. However, this was before the beginning of this year, as there has been a plunge in its deposits. The current figure for the protocol’s deposits, dating from the beginning of 2022, is about $24 billion.
Furthermore, looking at the market security in the last Q2, there has been a dramatic increase in its exploits. While that is true for the market security, the crypto market has been on the low dating from the same period.
The DeFi sector has recognized Curve Finance as a relevant part of the ecosystem. This is a result of the CRV tokens rewards offered by the protocol. The token rewards were crucial to various protocols in the sector. This is particularly true, as they provided a good source of income for them.
The effect of the rewards is also evident in the Curve DAO Token – CRV. The digital token now trades at $1.27. In addition, the report shows a 10% increase in the last 24 hours, with $660 million as its market cap.Source