Find us @

Feature

An unknown party stole $570K

Users who were impacted by the curve.fi and curve.exchange hacks have been advised to avoid the platforms while they attempt to find the source of the hack.

Published

on

According to a snapshot of the protocol’s wallet that was released on Twitter late Tuesday, hackers stole about $570,000 from the DeFi protocol Curve.Finance.

The problem was located and fixed, according to the Telegram second announcement of the protocol. Curve contract approvals during the past few hours must be revoked immediately. Users were also told to switch to curve.exchange until curve.fi traffic returns to normal, per the protocol.

The DNS for the protocol website appears to have been altered by the hacker in order to redirect users to a malicious clone and get them to agree to a harmful contract. However, the contract for the program was not broken.

According to the Telegram message, “we are getting aware of a potential front end issue that is approving a bad contract.” Please hold off on any approvals or swaps for the time being. We’re investigating where the problem is, but until then, please don’t access curve.fi or curve.exchange.