Curve Finance Hit by Cyberattack, Users Warned

Curve Finance, a prominent decentralized finance (DeFi) protocol, has reportedly fallen victim to a cyberattack. The platform's team issued an urgent alert on X (formerly Twitter), advising users to refrain from interacting with the platform. While the specifics of the attack remain unclear, it is believed that the protocol may have suffered a DNS hijack. This type of cyberattack involves manipulating the Domain Name System to redirect users to malicious sites, potentially tricking them into interacting with fraudulent versions of the platform.

The incident has had a ripple effect, impacting multiple DeFi projects that rely on Curve’s data feeds. Convex Finance and Resupply, both of which depend on Curve’s data, reported outages and functionality issues. Both teams have confirmed that their own platforms remain secure, but dependent services are disrupted until Curve’s domain is restored. Convex Finance, which uses data from Curve, has emphasized that while their backend is unaffected, users should avoid signing transactions or interacting with dApps tied to Curve during this period.

Security experts and users have flagged this incident as a stark reminder of the risks associated with DeFi frontends. Unlike decentralized smart contracts, web frontends remain vulnerable to traditional attacks such as DNS hijacking. This situation underscores the need for DeFi protocols to focus more heavily on frontend security. Recent DeFi hacks reflect that the front end remains an exposed vector despite decentralized architectures.

Curve Finance has stated that it is working with affected partners to resolve the issue. As the investigation continues, further updates are expected. The protocol has assured users that all smart contracts are safe, but the domain name points to a malicious site which can drain users' wallets. Users are advised to exercise caution and avoid interacting with the platform until the issue is resolved.