The decentralized financing protocol (DEFI) has warned that a pirate has again diverted its domain name system (DNS), sending users on a malicious website.
In the second attack on its infrastructure in a week, the “curve.fi dns could be diverted. Do not interact! ” The team said in a warning from May 12 to X.
In a user tracking article asking whether it was a hacking or diversion, the curve team said that the “website” points to the wrong IP “when users are trying to visit. A DNS works as a repertoire that translates domain names into IP addresses.
The team also declared in a different update than the “password is secure”, its two -factor authentication had been created “a long time ago” and a question was sent to the “registrar now”.
“Although all intelligent contracts are safe, the domain name points to a malicious site that can empty your wallet! We are investigating and working on recovery of access. No sign of compromise on our side,” said Curve.
Curve Finance was struck by a similar frontal attack in August 2022. In a post-mortem, the consensus was that the attackers had succeeded in cloning the financing website of the curve and relaunching the DNS server on the false page.
Users who tried to use the platform had their funds drained in a swimming pool operated by the attackers.
Cointtelegraph contacted Curve Finance for Comments.
FINANCE POTENTIAL CURVE frontal attack
Onchain’s security company, Blockaid, has also recently detected an unusual activity of the curve website, warning users to stay away and avoid interacting for the moment.
It could be a “potential frontiend attack”, according to the security company, that is to say when the hackers target the part of the users of the website interact, such as buttons, forms or text on the site, to steal sensitive data.
“If you are connected, please refrain from signing transactions and avoiding interactions with the DAPP until the problem is solved. We work in close collaboration with the partners concerned. More updates,” said Blockaid.
In relation: Crypto pirates struck DFI for $ 92 million in April while attacks double from March
Second attack in a week
This is the second time that the finance of the curve has been targeted last week. On May 5, a pirate resumed his official X handle.
“To clarify: the incident was strictly limited to the X account
Access to the CURVE Finance X account has been quickly restored and the cause is still under investigation.
A multitude of other high -level X accounts have also been taken up by bad players this year. On May 2, the Dao Tron Account was diverted; Meanwhile, on April 15, a member of the British Parliament, Lucy Powell, had her account took to promote a crypto scam token called the House of Commons (HOC).
Review: Crypto financial nihilism is over – it’s time to dream again
