Curve Finance has alerted users to a second DNS hijacking incident, which directs them to a malicious website. The team issued a warning on May 12, advising that the curve.fi domain may have been compromised and urging users not to interact with it. They confirmed all smart contracts remain secure, but the domain's redirection to a harmful site poses risks of wallet drainage. Onchain security firm Blockaid noted unusual activity on the Curve website, labeling it a possible front-end attack, where attackers manipulate user interaction elements to steal information. Users are advised to avoid any transactions until the issue is resolved. This incident follows another attack on May 5 which targeted Curve's X account but was contained without affecting other accounts or user funds. The ongoing investigations aim to restore proper access and address the situation swiftly.

Source 🔗