Curve Finance exploited in ongoing attack
Important takeaways
- Curve Finance suffers from ongoing exploitation.
- A malicious contract has so far raked in more than $573,000 from victims.
- The Curve team has warned users not to interact with the frontend until further notice.
The DeFi protocol Curve is currently being exploited through its frontend. Over $573,000 has already been taken by the attacker.
Frontend exploited
Curve Finance is being exploited.
According to Paradigm researcher samczsun, Curve’s frontend is currently compromised. The researcher warned Curve users not to use the protocol until further notice.
Curve later appeared to confirm the ongoing exploit on Twitter, writing in response to samczsun: “Don’t use frontend yet. Investigating!”
On-chain data shows that the malicious contract associated with the exploit has collected over $573,000 in USDC and DAI from eight different victims so far. The funds, already transferred to the attacker’s wallet and exchanged for ETH, were sent to the FixedFloat crypto exchange, first in batches of 45 ETH, then in amounts of 20 to 22 ETH.
At press time, the attacker had also started sending tokens through cryptocurrency mixer Tornado Cash, which was sanctioned by the US Treasury Department yesterday.
The Curve team suggested that the attacker may have cloned the Curve website, pointed the Domain Name System (DNS) records directly at the fraudulent website, and then added authentication requests to the malicious contract. It further clarified that curve.exchange, unlike curve.fi, appears to have been unaffected.
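A cloned frontend can only drain funds if the user signs what it asks for, typically a token approval to a contract the user never meant to authorize. The following is an added example, not code from the article or from Curve, that decodes an ERC-20 `approve(address,uint256)` call before it is signed and flags an unexpected spender or an unlimited allowance; the addresses, allowlist and calldata are constructed placeholders.

```python
# Added example: inspect ERC-20 approve() calldata before signing it.
# Addresses, the allowlist and the sample calldata are constructed placeholders.

APPROVE_SELECTOR = "095ea7b3"   # first 4 bytes of keccak256("approve(address,uint256)")
MAX_UINT256 = 2**256 - 1        # "unlimited" allowance commonly requested by drainers

# Hypothetical allowlist: contracts the user actually expects to grant allowances to.
EXPECTED_SPENDERS = {
    "0x1111111111111111111111111111111111111111",  # placeholder for a known pool
}


def _strip0x(hex_str: str) -> str:
    hex_str = hex_str.lower()
    return hex_str[2:] if hex_str.startswith("0x") else hex_str


def decode_approve(calldata_hex: str):
    """Return (spender, amount) for approve(address,uint256) calldata, else None."""
    data = _strip0x(calldata_hex)
    if len(data) != 8 + 64 * 2 or data[:8] != APPROVE_SELECTOR:
        return None
    spender = "0x" + data[8 + 24:8 + 64]   # address sits right-aligned in a 32-byte word
    amount = int(data[8 + 64:8 + 128], 16)
    return spender, amount


def assess_approve(calldata_hex: str, expected=EXPECTED_SPENDERS) -> str:
    """Classify the call: 'ok', 'unexpected_spender', 'unlimited' or 'not_approve'."""
    decoded = decode_approve(calldata_hex)
    if decoded is None:
        return "not_approve"
    spender, amount = decoded
    if spender not in {s.lower() for s in expected}:
        return "unexpected_spender"   # the hijacked-frontend case: unknown contract
    if amount == MAX_UINT256:
        return "unlimited"            # bounded approvals limit the blast radius
    return "ok"


def encode_approve(spender: str, amount: int) -> str:
    """Build approve(address,uint256) calldata; used here only to construct samples."""
    return "0x" + APPROVE_SELECTOR + _strip0x(spender).rjust(64, "0") + format(amount, "064x")


# Constructed samples: a bounded approval to a known pool, and what a cloned page might request.
BENIGN = encode_approve("0x1111111111111111111111111111111111111111", 1000 * 10**6)
MALICIOUS = encode_approve("0x2222222222222222222222222222222222222222", MAX_UINT256)
```

The same decoder can be pointed at a wallet's past `approve` transactions to find allowances worth revoking after an incident like this one.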
Curve Finance is a decentralized finance (DeFi) protocol that provides “extremely efficient” stablecoin trading services with low slippage and fees. It is considered a pillar of the DeFi ecosystem, with over $6 billion in total value locked up.
Update: The Curve team posted on Twitter at 08:27 UTC that the exploit had been patched, and urged Curve users to revoke Curve contracts they may have approved in the past few hours.
Update 2: FixedFloat announced that 112 ETH in funds had been frozen in connection with the exploit.
This is a developing story.
Disclosure: At the time of writing, the author of this piece owned ETH and several other cryptocurrencies.