In a concerning development within the decentralized finance (DeFi) community, Curve Finance has fallen victim to a second DNS hack. This breach has triggered a 7% decline in the Curve DAO (CRV) token price, sparking widespread concerns.
Decentralized finance (DeFi) protocol Curve Finance has been hit by a second DNS hack, triggering a 7% decrease in the Curve DAO (CRV) token price and sparking widespread concerns.
Following the hack, the DeFi protocol issued a warning alert, "Curve.fi DNS might be hijacked. Don't interact!" In addition, the platform asserted that smart contracts remain safe.
In an X post dated May 13, DeFi protocol Curve Finance cautioned users against its domain name system (DNS) hack that redirects users to a malicious clone site designed to drain wallets. This is the second time the DeFi protocol has been hit this week, with the team assuring users that their smart contracts are safe.
Driven by this development, the Curve DAO token price has seen a massive decline. Currently trading at $0.7220, CRV has plummeted by 6.91% over the past day. Despite this 24-hour dip, the token has surged by 12% and 18% over the past week and month, respectively.
Further commenting on the platform's priority of user safety and security, the Curve team stated, "We understand the seriousness of the situation and are committed to full transparency. Our top priority is user safety and maintaining trust in Curve as a public infrastructure for DeFi."
On May 6, Curve Finance's X account had been hacked, following which the company affirmed, "No other Curve accounts were affected. No security issues were found on our side, no user funds were impacted, no victims of phishing links which the hacker posted. All Curve systems remain fully operational."
Reportedly, the hackers hijacked Curve Finance's DNS, sending clients to a malicious site to gain access to funds. The team clarified that the issue is due to their website pointing to the wrong IP address, suggesting a DNS hijacking rather than a direct hack.
Curve Finance asserted that smart contracts are secure, but the domain name is currently redirecting to a malicious site that could drain wallets. The team also confirmed that their password is secure and that two-factor authentication had been set up previously. Curve is now working with the registrar to regain control and investigate the issue.
However, the CRV token price is significantly affected by the hijack. The move has created a negative sentiment within the community, which is clearly evident in the 8% decline in trading activity. Over the past 24 hours, the trading volume has dropped to $165.9 million.
