Website of Decentralized Crypto Exchange Curve ‘Compromised’

The main website of decentralized digital asset exchange Curve Finance has been compromised in what appears to be the latest instance of a sinister crypto exploit.

The problem was “found and reverted,” Curve tweeted at 5:28 PM ET, pointing to this address as the contract that users should withdraw.

“If you have approved any contracts on Curve in the last few hours, please cancel immediately,” it wrote.

The firm warned users that it is looking into an apparent name server attack and said its site should be avoided. It was not immediately clear if any funds had been compromised.

“Do not use the site – the name server has been compromised,” the company wrote in a tweet Tuesday. “The investigation is ongoing: NS itself probably has a problem.”

In a subsequent tweet, Curve said that Curve.Exchange uses a different domain name system provider and appears to be unaffected, but noted that users should still “proceed with caution.”

Curve urged domain registrar iwantmyname to “please do something” at 5:22 PM ET.

“We switched name servers, but don’t rush to use – wait a bit,” the decentralized exchange added.

Twitter account Phobar claimed at approximately 4:30 PM ET that roughly $570,000 worth of tokens had been stolen so far, pointing to this address.

The incident comes after a hacker produced a phishing pop-up on Polygon and Fantom last month warning users that their money was at risk and urging them to enter their private account keys.

This hacker gained access to Polygon’s and Fantom’s Remote Procedure Call (RPC) interfaces through the Web3 infrastructure platform Ankr by tricking a third-party domain name system (DNS) provider into giving the hacker access to Polygon’s and Fantom’s domains.

This is a development story.

Updated 9 August 2022 at 17.52

Get today’s best crypto news and insights delivered to your inbox every night. Subscribe to Blockworks’ free newsletter now.