Unraveling the Curve Finance DNS Hijack Tangle: What We Know So Far
Curve Finance reports move to alternate domain as a result of DNS hijack incident
In a twist of events, Curve Finance, a major player in the decentralized finance (DeFi) sphere, has seen its web domain switched from Curve.fi to Curve.finance following a DNS hijack incident.
In a candid chat with our publication, a Curve Finance representative confirmed that the revamped domain,Curve.finance, is "safe and functional," while ensuring that users' funds always remained " untouched and secure" throughout the ordeal.
The firm's statement clarifies that the smart contracts and internal operations remained unaffected, with all services continuing to operate smoothly. The change was triggered by an extended downtime and limited support from the .fi domain registrar, Iwantmyname.
"The .fi will remain offline for an extended period or simply not worth returning to," the Curve team asserted in a Reddit post. They further stated that domain handlers responsible for the .finance extension offer swifter, reliable service compared to those overseeing .fi domains.
The team affirmed that the DNS breach was confined to the DNS layer, and did not involve any unauthorized access to internal infrastructure. They confirmed that password protections and two-factor authentication systems remained uncompromised.
While the spokesperson acknowledged the ongoing investigation into the breach, they couldn't disclose further details at this point in time.
A subsequent statements from the team, shared on May 13, outlined the immediate steps undertaken to control the threat, segregate the impacted systems, and launch a full investigation. The team also collaborated with their domain registrar along with Web3 security partners for restoration of regular functioning.
The delayed response from the registrar was a key determinant in the decision to transfer to the new domain.
In a follow-up development, their registrar successfully froze the Curve.fi domain, effectively halting the mischievous drainer.
In response to a community member, the project also confirmed plans to roll out a .eth domain, benefiting from the Ethereum Name Service, a decentralized alternative to traditional DNS infrastructure.
Our previous report highlighted that the DNS hijack was first reported by the Curve team on May 12. The malicious folk had rerouted traffic to a simulated website that mimicked the protocol's interface, hosting a wallet drainer.
The illicit page was active for hours until it was neutralized, triggering warnings from Blockaid and other industry stalwarts.
Initially, the news of the hijack led to a 7% dip in the price of CRV, the native token of Curve DAO, plunging it to an intraday low of $0.71. However, the token quickly bounced back to $0.76 at press time, marking an approximately 6% surge over the last 24 hours.
On a more positive note, Curve Finance has partnered with the TON Foundation to strengthen stablecoin trading, as reported by our publication.
Related Insights:
- Understanding DNS hijacking attacks and their impact on DeFi protocols
- How to secure your cryptocurrency assets amid growing online threats
- Curve Finance - The decentralized exchange boosting DeFi liquidity
- Blockaid - A Web3 security firm helping combat financial fraud and cyber attacks in the crypto ecosystem
- TON Foundation - Working towards the mainstream adoption of blockchain technology
- Despite the recent DNS hijack incident, Curve Finance's revamped domain, Curve.finance, has been confirmed safe and functional by the team, ensuring that users' funds remained secure throughout the ordeal.
- In a Reddit post, the Curve team asserted that domain handlers responsible for the .finance extension offer swifter, reliable service compared to those overseeing .fi domains, contributing to the decision to transfer to the new domain.
- The team affirmed that the DNS breach was confined to the DNS layer and did not involve any unauthorized access to internal infrastructure, with password protections and two-factor authentication systems remaining uncompromised.
- In response to a community member, the project also confirmed plans to roll out a .eth domain, benefiting from the Ethereum Name Service, a decentralized alternative to traditional DNS infrastructure.
