Curve Finance DNS exploit resolved

Over $530k was stolen from Curve Finance Tuesday after a hacker was able to take control of the nameserver to reroute the DNS to a malicious server. The front end of the Curve website was cloned to trick users into believing they were interacting with a legitimate site.

On the surface, the SSL certificate, domain name, and website content were identical to the real version of the site, giving users little chance to identify the exploit. The correct IP for Curve’s server has been released and information on how to check this can be found at the end of this article.

Within an hour, Curve had updated its Twitter account to pinpoint the malicious contract that should be revoked from all users’ wallets. The update followed a statement confirming that the platform had “found and reverted” the issue.

As of 7 PM GMT on August 10, Curve advises users to take additional precautions when interacting with its dApp. The issue has been resolved, but not all DNS records have been updated worldwide at this time. Users who understand how to verify an IP are safe to use the platform; others should use curve.exchange in the meantime.

Tether’s CTO Paolo Ardoino commented on the hack Wednesday afternoon to state,

“This attack demonstrates once again that the ingenuity of hackers presents a near and ever-present danger to our industry… We applaud Curve for its ability to be able to pinpoint the source of the hack, and speedily act. This is exactly how a protocol should react during a time when customers’ funds are at risk.”

How to check if curve.fi resolves to the correct server

For those wishing to use Curve Finance the following methods can be used to check how the IP address resolves at your location.

Windows

  1. Press “Windows + R”
  2. In the Run dialogue box, type “cmd” and hit enter
  3. A window will open, and it in type “ping curve.fi”
  4. The result should return the IP address “76.76.21.21”
  5. If it does, then your current internet connection is resolving to the correct server for the domain

Mac

  1. Press “Cmd + Space”
  2. Type “terminal” and open the “Terminal” app
  3. A window will open, and it in type “ping curve.fi”
  4. The result should return the IP address “76.76.21.21”
  5. If it does, then your current internet connection is resolving to the correct server for the domain

However, in an abundance of caution, users are still advised to use curve.exchange until the Curve team releases a further update to confirm all DNS records have propagated.

Posted In: DeFi, Hacks, Outage


Credit: Source link

Comments are closed.

Please enter CoinGecko Free Api Key to get this plugin works.