Curve Finance Loses $570k in Hack

Approximately $570,000 was stolen from decentralized finance (DeFi) protocol Curve Finance in a hack, reported to have taken place late on August 9 according to a screenshot of the protocol’s wallet shared on Twitter, CoinDesk wrote.

Source of problem fixed

Curve’s operators posted on Telegram that they had fixed the source of the problem shortly after announcing the exploit. They added:

We are becoming aware of a potential front end issue that is approving a bad contract. For now, please do not perform any approvals or swaps. If you have approved any contracts on Curve in the past few hours, please revoke immediately.

They also discouraged users from using curve.fi or curve.exchange until the exploit source was located. This is in case further attacks take place, leading to additional losses.

Curve.Finance’s rewards in its native CRV token have made it an integral part of the DeFi ecosystem. A number of additional protocols get income from these emissions.

Users were sent to a fake clone

The attacker (s) seem (s) to have altered the protocol’s domain name system (DNS) entry, sending users to a fake clone and endorsing a malicious contract in the process. Curve’s contract has not been compromised.

CRV lost almost a tenth of its value

The live CRV price today is $1.28 with a 24-hour trading volume of $213,682,172 according to CoinMarketCap data.CRV has lost 9.17% of its value in the last 24 hours.It’s not clear whether users will recover their funds.

About Curve Finance

Curve is a decentralized exchange for stablecoins that uses an automated market maker (AMM) to manage liquidity. Launched in January 2020, it soon became synonymous with DeFi.

It has gained considerable attention by following its remit as an AMM specifically for stablecoin trading.

The launch of the Curve DAO token brought in further profitability, given CRV’s use for governance, as it is awarded to users based on liquidity commitment and length of ownership.