Via their official Twitter handle, the Ethereum-based decentralized finance (DeFi) protocol Curve Finance has confirmed a vulnerability in their nameserver or frontend curve.fi which was successfully reverted. Earlier, the team behind the project advised caution to its users and claimed an investigation has been launched to look into any potential vulnerabilities exploit. Related Reading: TA- My Neighbor Alice Could Be Set For A Major Bounce – Eyes $5 The team behind the project said: The issue has been found and reverted. If you have approved any contracts on Curve in the past few hours, please revoke immediately. Please use curve.exchange for now until the propagation for curve.fi reverts to normal The team behind the project shared a potential theory about what could be affecting their frontend. A bad actor might have “cloned” their frontend, making it look like it is the same as the Curve Finance product, to affect people accessing it. The team behind the project shared the following theory from Lefteris Karapetsas, founder of Rotkia App, about the attack affecting their Domain Name System (DNS): It’s DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract. Therefore, anyone attempting to access Curve Finance’s curve.fi frontend should refrain from it until there are more details behind the potential attack. In a separate twee...
