Curve Finance DNS exploit resolved

0
22

Over $530k was stolen from Curve Finance Tuesday after a hacker was able to take control of the nameserver to reroute the DNS to a malicious server. The front end of the Curve website was cloned to trick users into believing they were interacting with a legitimate site.

On the surface, the SSL certificate, domain name, and website content were identical to the real version of the site, giving users little chance to identify the exploit. The correct IP for Curveā€™s server has been released and information on how to check this can be found at the end of this article.

Within an hour, Curve had updated its Twitter account to pinpoint the malicious contract that should be revoked from all usersā€™ wallets. The update followed a statement confirming that the platform had ā€œfound and revertedā€ the issue.

As of 7 PM GMT on August 10, Curve advises users to take additional precautions when interacting with its dApp. The issue has been resolved, but not all DNS records have been updated worldwide at this time. Users who understand how to verify an IP are safe to use the platform; others should use curve.exchange in the meantime.

Tetherā€™s CTO Paolo Ardoino commented on the hack Wednesday afternoon to state,

ā€œThis attack demonstrates once again that the ingenuity of hackers presents a near and ever-present danger to our industryā€¦ We applaud Curve for its ability to be able to pinpoint the source of the hack, and speedily act. This is exactly how a protocol should react during a time when customersā€™ funds are at risk.ā€

How to check if curve.fi resolves to the correct server

For those wishing to use Curve Finance the following methods can be used to check how the IP address resolves at your location.

Windows

  1. Press ā€œWindows + Rā€
  2. In the Run dialogue box, type ā€œcmdā€ and hit enter
  3. A window will open, and it in type ā€œping curve.fiā€
  4. The result should return the IP address ā€œ76.76.21.21ā€
  5. If it does, then your current internet connection is resolving to the correct server for the domain

Mac

  1. Press ā€œCmd + Spaceā€
  2. Type ā€œterminalā€ and open the ā€œTerminalā€ app
  3. A window will open, and it in type ā€œping curve.fiā€
  4. The result should return the IP address ā€œ76.76.21.21ā€
  5. If it does, then your current internet connection is resolving to the correct server for the domain

However, in an abundance of caution, users are still advised to use curve.exchange until the Curve team releases a further update to confirm all DNS records have propagated.

Posted In: DeFi, Hacks, Outage


Credit: Source link

ads

LEAVE A REPLY

Please enter your comment!
Please enter your name here