Trusted

Curve Finance Resolves Front-End Exploit After $570K Stolen

2 mins
Updated by Geraint Price
Join our Trading Community on Telegram

In Brief

  • Attackers used a front-end exploit to steal $570,000.
  • Curve has resolved the issue quickly, and FixedFloat also froze 112 ETH worth of the funds.
  • DeFi attacks continue to plague the market, and billions have been stolen in 2022 alone.
  • promo

Curve Finance was the victim of a front-end exploit caused by a DNS issue. It has since resolved the exploit, and FixedFloat has frozen 112 Ethereum worth of stolen funds.

The Curve team believed a glitch led to the site’s nameserver being compromised. This was later confirmed, and in the interim, the team asked users to revoke any approved contacts.

Curve fixes the issue within hours

Curve Finance announced a few hours ago that updates had been sent out, and the platform was safe to use again. The team had pinpointed the issue fairly soon after it was discovered, asking users to use curve.exchange instead of curve.fi

As for how the exploit was present in the first place, the team said that they did not know and that it was iwantmyname that likely got hacked in the first place.

An analysis of the exploit shows that whenever a transaction was approved to spend any asset, it could manually drain the funds into a malicious externally owned account (EOA) instead.

About $570,000 had been stolen. Others have also acted quickly on the matter, ensuring that the damage was limited to the initial thefts. FixedFloat froze 112 ETH of the stolen funds.

There have been several attacks on the DeFi market this year, and it is clear that attackers will use whatever means possible to exploit the most popular platforms. Bridge attacks, in particular, have become popular among attackers, and several of these have taken place in 2022.

The Ronin Bridge attack earlier this year saw over $620 million stolen, and the service only just relaunched, with the Axie Infinity developer having to reimburse victims. Most recently, the Nomad Bridge experienced an attack where hackers made away with nearly $200 million.

Most of these attacks have been because of centralization issues, according to a Certik report. While hacks can have a huge impact on projects and their reputation, it’s not always the case that they are rendered a failure forever. Many DeFi projects have successfully returned following an exploit or hack.

Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024
Coinbase Coinbase Explore
Coinrule Coinrule Explore
Uphold Uphold Explore
3Commas 3Commas Explore
Chain GPT Chain GPT Explore
Top crypto projects in the US | November 2024

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content. Please note that our Terms and ConditionsPrivacy Policy, and Disclaimers have been updated.

Rahul-Nambiampurath.jpg
Rahul Nambiampurath
Rahul Nambiampurath's cryptocurrency journey first began in 2014 when he stumbled upon Satoshi's Bitcoin whitepaper. With a bachelor's degree in Commerce and an MBA in Finance from Sikkim Manipal University, he was among the few that first recognized the sheer untapped potential of decentralized technologies. Since then, he has helped DeFi platforms like Balancer and Sidus Heroes — a web3 metaverse — as well as CEXs like Bitso (Mexico's biggest) and Overbit to reach new heights with his...
READ FULL BIO
Sponsored
Sponsored