Curve Finance (CURVE) hacked – 570K of funds stolen

On Tuesday, Curve Finance warned its users about an attack on the frontend of the website. The attacker managed to grab over 570,000 worth of euros from Curve Finance users. The team at Curve quickly threw out an alert and the attack has since been defused.

- Advertisement -

Problem found and fixed

Not long after the problem was announced, Curve Finance informed us that the situation has already been rectified.

“The problem has been found and resolved. If you have approved contracts on Curve in the past few hours, please revoke them immediately. For now, use curve.exchange until curve.fi is working again as it should,” said Curve Finance with the message to revoke all contracts of the past hours.

According to Curve Finance themselves, the problems likely stem from the hack of their DNS server provider Iwantmyname. In response, Curve Finance switched to a different name server. A name server works like a directory or pipeline that translates domain names into IP addresses.

Why is a DNS hack dangerous?

A nameserver hack is dangerous because it allows hackers to use a clone of the website to make people feel like they are in a secure environment. The domain name and the look of the website are often almost completely correct, but all the information you enter goes straight to the hackers. People who connect their wallets at times like that run the risk of losing their assets.

It could also be that you enter a smart contract that the hackers then make some changes to. Without you realizing it, you then send your hard-earned crypto to the hackers, instead of the intended destination.

The situation has since been resolved for Curve Finance, but hacks like this can be deadly for a protocol like this. When trust in a party is gone within the crypto industry, things can move quickly.

- Advertisement -

‘Don’t trust, verify’

Which brings us to a statement that is central to this industry: “don’t trust, verify.” Don’t trust anything and always verify everything before sending a financial transaction. Especially when large sums of money are involved.

That’s a piece of ethos that’s a little trickier, especially in the DeFi world, than it is for bitcoin. Basically, with bitcoin, it’s pretty simple to verify everything before you send a transaction. If you’re running your own node, then you can be confident that everything is correct.

In the case of DeFi, that’s trickier. Even if you run an Ethereum node, in this case you still have to rely on a service provider like Curve Finance, which in turn also relies on several service providers.

- Advertisement -

In this case, it was a hack of Curve Finance’s domain name server, which the project itself can therefore not do much about. In principle, you could check all this, by always verifying the address of the website or, for example, testing some things on the website.

In practice, however, you see that many people do not do that, which in this case results in at least 570,000 euros in stolen assets.

Previous Articles:

- Advertisement -

Latest News

Coinbase Shares Hit Highest Level Since 2021 Nasdaq Debut

Coinbase stock reached its highest price since its 2021 listing, nearly returning to debut...

BPX Gains FCA Nod to Trade Tokenized Securities in the UK

BPX, a startup focused on trading tokenized securities, received several authorizations from the UK’s...

Shopify, Coinbase Launch USDC Payments; Mastercard Expands Crypto Access

Shopify and Coinbase allow merchants to accept USDC stablecoin payments, making crypto transactions easier...

Coinbase Launches Wrapped ADA and LTC on Base, COIN Hits New High

Coinbase has introduced wrapped versions of Cardano (ADA) and Litecoin (LTC) on its Ethereum...

ClickFix Attacks Surge 517% in 2025, Fake CAPTCHAs Spread Malware

ClickFix attacks using fake CAPTCHA verifications have risen by 517% in early 2025, according...

Must Read

How to Buy VPN With Bitcoin Using CyberGhost VPN

In this step-by-step guide, you will learn how to purchase a VPN (Virtual Private Network) subscription using Bitcoin, a popular cryptocurrency, and CyberGhost VPN,...