Curve Finance confirmed that its front-end website was compromised due to a DNS attack that redirected users to a malicious site. This attack involved manipulating DNS records to direct traffic to a fake version of the Curve interface, where harmful scripts trick users into authorizing token transfers. The team stated that while user funds are safe and Curve's smart contracts remain secure, this incident highlights a broader security issue within the crypto industry, with recent patterns of attacks targeting project infrastructures. This is not the first compromise for Curve; similar incidents occurred in 2022 and 2023, leading to significant financial losses. The security team has isolated the problem and is cooperating with their domain registrar to resolve the situation.

Source đź”—