Curve Finance Warns: Avoid Main Site After DNS Attack!

Curve Finance Warns: Avoid Website After DNS Attack!

13 May 2025 at 13: 57

Reading time: 2 minutes

Curve Finance recently suffered a serious security incident. The protocol’s front-end website was compromised by attackers who redirected users to a fake site. This attack was carried out by manipulating DNS records, directing traffic to a malicious server. The fakes were executed using malicious scripts that were designed to trick users into approving token transfers, putting them at risk.

This is not the first time Curve Finance has experienced such incidents. In 2022, the protocol suffered a similar DNS hijacking, resulting in a loss of around $570.000. This year, they ran into trouble again due to vulnerabilities in the Vyper programming language, which caused an estimated loss of $24 million.

This time, Curve Finance reported that despite the security breach, the protocol’s smart contracts remained secure. The teams worked quickly on a fix, working with their domain registrar and security partners. The security measures were reportedly in place for a long time before the incident occurred.

What exactly happened?

The attackers modified the DNS records to point to an IP address under their control. This caused users to be unknowingly redirected to a fraudulent site that mimicked Curve’s interface. This site contained scripts designed to deceive users. The danger lies in the fact that it is often difficult for the average user to recognize that they have been redirected to a malicious site; the URL appears to be correct at first glance.

The attack has the blockchain of the protocol itself, but exploits a trust issue between the user and the interface of the decentralized application. The main advice is simple: as long as users interact with Curve via verified contract addresses, their funds are essentially safe.

The history of attacks

Curve has been targeted by hackers before. In the aforementioned DNS hijacking in 2022, they advised users to revoke suspicious approvals and consider migrating to the Ethereum Name Service (ENS) as a measure against future vulnerabilities. Then, in 2023, we saw the protocol fall into trouble again due to an exploit related to the Vyper programming language.

It is clear that these are not isolated incidents. The crypto industry is facing greater challenges when it comes to security, especially in terms of infrastructure. It remains crucial for users to be vigilant and regularly check their approvals.

Frequently Asked Questions

What measures has Curve Finance taken after the hack?
Curve Finance quickly isolated the situation and launched an investigation. They worked with domain registrars and security partners to address the issues. Most importantly, they stressed that the security of their smart contracts was not compromised.

Can users still safely use Curve?
Yes, as long as users interact with Curve through verified contract addresses, their funds are safe. It is essential to always enter links yourself and not click on suspicious referrals.

What can users do to protect their cryptocurrencies?
Users should always be on the lookout for suspicious approvals and revoke them if necessary. It is also wise to use reliable and verified platforms for their transactions, and their wallet to regularly check for unauthorized activities.

Share this article:

Disclaimer: The information on Block 9 is for general informational and educational purposes only. While we strive to provide up-to-date, correct and relevant content, we make no warranties as to the completeness, accuracy or reliability of the information provided. All content on this website, including articles, analyses, opinions and other publications, is for general information purposes only and does not constitute professional or legal advice in any way, including but not limited to financial, investment or tax advice.

Block 9 makes no guarantees or representations as to any possible results or returns that may arise from the use of information on this website. Nothing on this website should be interpreted as a recommendation to buy, sell or hold any particular asset, including but not limited to cryptocurrencies, tokens or other financial instruments.

The opinions and views expressed in contributions by editors, external authors or community members are strictly personal and do not necessarily represent the views or policies of Block 9 as a platform. Block 9 accepts no liability for any loss or damage – direct or indirect – resulting from the use of (or reliance on) the information published on this website.

Investing in cryptocurrencies and other digital assets involves significant risks. The value of such assets can fluctuate significantly, and there is a chance that you could lose (some of) your investment. We strongly recommend that you always do your own research (DYOR) and seek independent advice from a qualified financial advisor before making any financial decisions. By using this website, you agree to this disclaimer and accept that Block 9 is not responsible for your investment choices or the results thereof.