Open Now
Open Now
Watch now

After $570,000 was stolen, Curve Finance resolved a front-end exploit

A DNS problem led to a front-end attack against Curve Finance. FixedFloat has subsequently patched the vulnerability and locked 112 Ethereum in stolen cash.

The Curve team suspected that a bug had infiltrated the site's nameserver. This was later confirmed, and the team requested users to withdraw any allowed interactions in the meantime.

Curve resolves the problem within hours.

Curve Finance declared a few hours ago that fixes had been deployed and that the site was now safe to use. The team quickly identified the problem and advised customers to use curve.exchange rather than curve.fi.

The researchers did not know how the exploit became available in the first place, and that it was most likely iwantmyname that was hacked in the first place.

An examination of the attack reveals that if a transaction was permitted to spend any asset, the money may be manually drained into a hostile externally owned account (EOA).

A total of $570,000 had been taken. Others have also responded promptly on the issue, limiting the harm to the first thefts. 112 ETH of the stolen cash were frozen by FixedFloat.

This year has seen multiple attacks on the DeFi market, demonstrating that attackers would go to any length to hack the most popular platforms. Bridge assaults, in particular, have grown in popularity with attackers, with numerous occurring in 2022.

Over $620 million was taken in the Ronin Bridge hack earlier this year, and the service was only recently reactivated, forcing the Axie Infinity creator to repay victims. Recently, the Nomad Bridge was the target of an assault in which hackers stole approximately $200 million.

According to a Certik assessment, the majority of these assaults were caused by centralization difficulties. While hackers can have a significant influence on projects and their image, they are not always permanent failures. Following an attack or hack, several DeFi projects have successfully returned.

Related video

** Information on these pages contains forward-looking statements that involve risks and uncertainties. Markets and instruments profiled on this page are for informational purposes only and should not in any way come across as a recommendation to buy or sell in these assets. You should do your own thorough research before making any investment decisions. All risks, losses and costs associated with investing, including total loss of principal, are your responsibility. The views and opinions expressed in this article are those of the authors and do not necessarily reflect the official policy or position of USA GAG nor its advertisers. The author will not be held responsible for information that is found at the end of links posted on this page.

Follow us on Google News

Filed under