Website of Decentralized Crypto Exchange Curve ‘Compromised’

Issue “found and reverted,” Curve says in latest tweet after investigation

by Ben Strack /
article-image

Blockworks exclusive art by axel Rangel

share

key takeaways

  • Curve.Exchange uses a different domain name system provider and seems to be unaffected
  • Twitter account foobar claimed at about 4:30 pm ET that roughly $570,000 worth of tokens had been stolen so far

The main website of decentralized digital asset exchange Curve Finance has been compromised in what appears to be the latest instance of a nefarious crypto exploit. 

The issue was “found and reverted,” Curve tweeted at 5:28 pm ET, pointing to this address as the contract that users should revoke.

Newsletter

Subscribe to The Breakdown

“If you have approved any contracts on Curve in the past few hours, please revoke immediately,” it wrote.

The firm warned users it’s looking into an apparent nameserver attack, saying its website should be avoided. It wasn’t immediately clear whether any funds had been compromised. 

“Don’t use http://curve.fi site – nameserver is compromised,” the company wrote in a tweet Tuesday. “Investigation is ongoing: likely the NS itself has a problem.”

In a subsequent tweet, Curve said that Curve.Exchange uses a different domain name system provider and seems to be unaffected, though noted that users still “need to proceed with caution.”

Curve urged domain registrar iwantmyname to “please do something” at 5:22 pm ET.

“We switched nameserver, but don’t rush to use http://curve.fi – wait a bit,” the decentralized exchange added.

Twitter account foobar claimed at about 4:30 pm ET that roughly $570,000 worth of tokens had been stolen so far, pointing to this address

Loading Tweet..

The incident comes after a hacker produced a phishing pop-up on Polygon and Fantom last month warning users their funds were at risk and urging them to enter their private account keys.

That hacker accessed Polygon and Fantom’s remote procedure call (RPC) interfaces through the Web3 infrastructure platform Ankr by tricking a third party domain name system (DNS) provider into giving the hacker access to Polygon and Fantom’s domains.

This is a developing story.

Updated Aug. 9, 2022, 5:52 pm

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Newsletter

The Breakdown

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

learn more

recent research

Research Report Templates (19).png

Research

Suilend's Multi-Product DeFi Suite

Suilend has grown into the top money market and liquid staking provider on Sui. STEAMM, Suilend’s Superfluid AMM, presents a compelling avenue for growing market share within Sui’s DEX landscape and revenue generation for the protocol. Suilend’s multi-product suite position it well for owning market share across key verticals. While current metrics across the Sui ecosystem are likely inflated due to Sui Foundation incentive programs, SEND trades at amongst the lowest multiples in the lend/borrow sector, suggesting that a bull case for continued growth in the ecosystem may be mispriced.

by Luke Leasure

/

news

article-image

PeopleSupply Shock

Bitcoin whale watching is a sport for having fun, staying poor

Let’s go whale watching, Bitcoin style: Investigating the mysterious “12ib7” wallet now worth $3.2 billion

by David Canellis /
article-image

Business

CEO shakeup at crypto L2 startup Morph, Cecilia Hsueh to step down

Bitget’s L2 is undergoing a leadership change and will be helmed by Colin Goltra, formerly the blockchain’s chief growth officer

by Katherine Ross /
article-image

BusinessEmpire Newsletter

VC funding topped $594M in May: Blockworks Research

The funding was spread out across 61 rounds, a slight dip in both number of rounds and total funding in comparison to other months

by Katherine Ross /
article-image

The Breakdown

Friday Charts: Click here for good news

Why is it controversial to say things are better than they used to be?

by Byron Gilliam /
article-image

BusinessLightspeed Newsletter

Solana to get first Kaito-like mindshare leaderboard

Wallchain could make influencer ROI more measurable for Solana businesses

by Jack Kubinec /
article-image

BusinessForward Guidance Newsletter

Digesting Stablecon: Execs bullish on imminent financial infrastructure revolution

Visa executive says every financial institution should have a stablecoin strategy in 2025

by Ben Strack /