DeFi protocol Curve Finance was hacked as attackers managed to exploit the frontend. The platform announced that the problem has been detected and reverted. At the same time, the team advised users to revoke any contracts on Curve that they may have in the last several hours. Curve also asked users to use http://curve.exchange for a while until the propagation for http://curve.fi gets back to normal.
Related: Balancer CEO Proposed To Adopt Curve Finance’s Tokenomics Model
Curve said that the nameserver was hacked, and that the investigation was in the process, adding that the NS has a problem itself. Data from Etherscan shows that the attackers withdrew more than $573,000 in USDC and DAI from eight different addresses. They moved the stolen funds to the attacker’s wallet, changed them for Ethers, and sent them to the exchange FixedFloat.
Supposedly, the hacker altered the domain name system entry for the platform, leading users to a fake clone and interacting with a malicious contract. However, the app's contract was not compromised.