Curve Finance transforms permanently to a new web domain after a targeted DNS attack that exposed users to phishing risks.
On 13 May, the Defi protocol confirmed that it will work on Curve. Financing, replacing the compromised curve.fi.
The protocol explained that it made the move because of the long -term downtime and limited support from .fi domain registrars.
It stated:
‘[The] .fi [domain] Will be too long / no sense to go back. Registrars that .fi can also contain are somewhat not as big as those with. -Finance can handle. “
On May 12, hackers hijacked The DNS records for Curve.fi, who diverted visitors to a malignant website that simulates the interface of the protocol. This fake site tried to mislead users to sign wallet-permeable transactions.
After the incident, Curve said that the problem was included at the level of DNS and that no internal systems were broken.
However, the compromised website was left for a few hours because the domain registrar, iwantmyname, did not respond to complaints from the community.
Curve said:
‘[The registrar’s] The response time is totally unacceptable: we need access to curve [.] Fi removed from hackers and the incident to be investigated. “
Speaking of this, Yu Xian, the founder of Blockchain security company Slowmist, marked The risk that the problem could have caused, and noted that:
‘The phishing gang [was] Dirty tricks play at the front with fake dolloppop-up-ups, directly fishing for mernic sentence … I have to say, this is pretty sleazy. “
The compromised domain name has been frozen since the attack.
Curve’s security challenges
In 2022, the protocol suffered a comparable DNS caping, which led to loss of users in total around $ 530,000. In particular, at the time of the attack, the company used the same registrar, iWantMyname.
In the meantime, the recent DNS attack is just over a week after a separate security event in which a hacker temporarily took over the X account of Curve.
On May 5, a hacker took over the social media from the platform to post phishing left. The team quickly got control of the account and said No user funds were influenced.
In the meantime, security experts emphasized that the back-to-back incidents show that attackers are shifting the focus from code exploits to infrastructure-based vulnerabilities.
This year, the crypto industry has lost around $ 2 billion to malignant actors who have exploited centralized fairs such as Bybit and various Defi protocols.
