Curve Finance Warns Users After DNS Hijack Sends Funds to Scam Site

Curve Finance warned users to avoid its curve.fi website due to a DNS hijacking attack redirecting visitors to a malicious wallet drainer.

  • The security incident affected the website, but the underlying protocol and smart contracts remain secure, according to Curve’s official statements.
  • Past front-end attacks have targeted other DeFi platforms and have caused significant user losses, highlighting ongoing risks in decentralized finance.

On May 12, 2025, Curve Finance, a prominent decentralized exchange, urged users to steer clear of its curve.fi website in response to a DNS (Domain Name System) hijacking attack. The attack redirected visitors to a malicious site designed to drain their cryptocurrency wallets.

- Advertisement -

Within two hours of the initial alert, Curve Finance confirmed the incident on its official social channels. Co-founder Michael Egorov recommended users instead access the exchange via its alternative front-end, curve.finance. The company stated on X (formerly Twitter) that the attack had compromised the domain, not the underlying protocol: “While all smart contracts are safe, the domain name points to a malicious site which can drain your wallet!”

This event follows a recent hack of Curve’s social media account used to spread a phishing website, part of a wider pattern affecting crypto platforms. According to DeFiLlama, Curve Finance ranks as the fourth-largest decentralized exchange by total value locked, with about $2 billion currently secured across nine blockchains.

Front-end attacks, like DNS hijacking, target user interactions rather than exploiting core smart contracts or liquidity pools. Attackers redirect users to deceptive websites, prompting them to sign fraudulent transactions. This technique has previously affected multiple DeFi projects. For example, the 2021 Badger DAO incident cost users $120 million after approvals were harvested, and a similar attack in 2022 led to $570,000 in losses for Curve users when the domain was spoofed.

Curve Finance publicly criticized its DNS registrar, iwantmyname, for what it called an inadequate response time. The company noted ongoing limitations due to the .fi domain, though it indicated plans to phase out the affected domain in the future.

Since its 2020 launch, Curve Finance has faced multiple security challenges. In 2023, a separate hack led to $70 million in liquidity pool losses and triggered a significant drop in its CRV token price. Despite these incidents, the protocol itself has remained operational during the recent DNS attack, with all smart contracts reported secure.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -

Latest

CoreWeave, D-Wave, QuantumScape: Smarter Bets Than Crypto?

Three speculative tech stocks—CoreWeave, D-Wave Quantum, and QuantumScape—have drawn attention as alternatives to cryptocurrencies for risk-tolerant investors. CoreWeave shifted from cryptocurrency mining to Artificial Intelligence...

Tether CEO: No Plans to Go Public Despite $515B Valuation Buzz

Tether CEO Paolo Ardoino says the company has no plans to go public, following competitor Circle’s debut on the New York Stock Exchange.Ardoino responded...

Shavez Ahmed Siddiqui Is Rewriting the Rules of Banking with LQUIDPAY Deobank

In the fast-evolving landscape of digital finance, one name continues to stand out: Shavez Ahmed Siddiqui, a self-taught technologist, fintech innovator, and the visionary...

Bitcoin Core Devs Urge Neutrality, Spark Debate Over Network Use

Thirty-one Bitcoin Core developers released a joint statement emphasizing a neutral stance on the use of the Bitcoin network. The statement highlights that developers are...

Cudis Smart Ring Rewards Healthy Habits With Crypto on Solana

Cudis has introduced an AI-powered smart ring and launched a new CUDIS token to reward users for tracking health habits. The CUDIS token operates on...

Must Read

5 Best Hacking eBooks for Beginners

In this article we present the 5 Best Hacking eBooks for beginners as ranked by our editorial teamWelcome to the world of hacking, where...