Website of Decentralized Crypto Exchange Curve ‘Compromised’

Issue “found and reverted,” Curve says in latest tweet after investigation

by Ben Strack /
article-image

Blockworks exclusive art by axel Rangel

share

key takeaways

  • Curve.Exchange uses a different domain name system provider and seems to be unaffected
  • Twitter account foobar claimed at about 4:30 pm ET that roughly $570,000 worth of tokens had been stolen so far

The main website of decentralized digital asset exchange Curve Finance has been compromised in what appears to be the latest instance of a nefarious crypto exploit. 

The issue was “found and reverted,” Curve tweeted at 5:28 pm ET, pointing to this address as the contract that users should revoke.

Newsletter

Subscribe to Blockworks Daily

“If you have approved any contracts on Curve in the past few hours, please revoke immediately,” it wrote.

The firm warned users it’s looking into an apparent nameserver attack, saying its website should be avoided. It wasn’t immediately clear whether any funds had been compromised. 

“Don’t use http://curve.fi site – nameserver is compromised,” the company wrote in a tweet Tuesday. “Investigation is ongoing: likely the NS itself has a problem.”

In a subsequent tweet, Curve said that Curve.Exchange uses a different domain name system provider and seems to be unaffected, though noted that users still “need to proceed with caution.”

Curve urged domain registrar iwantmyname to “please do something” at 5:22 pm ET.

“We switched nameserver, but don’t rush to use http://curve.fi – wait a bit,” the decentralized exchange added.

Twitter account foobar claimed at about 4:30 pm ET that roughly $570,000 worth of tokens had been stolen so far, pointing to this address

Loading Tweet..

The incident comes after a hacker produced a phishing pop-up on Polygon and Fantom last month warning users their funds were at risk and urging them to enter their private account keys.

That hacker accessed Polygon and Fantom’s remote procedure call (RPC) interfaces through the Web3 infrastructure platform Ankr by tricking a third party domain name system (DNS) provider into giving the hacker access to Polygon and Fantom’s domains.

This is a developing story.

Updated Aug. 9, 2022, 5:52 pm

Get the news in your inbox. Explore Blockworks newsletters:

Tags

Upcoming Events

Digital Asset Summit 2025

Old Billingsgate

Mon - Wed, October 13 - 15, 2025

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

buy ticketslearn more

Permissionless IV

Industry City | Brooklyn, NY

TUES - THURS, JUNE 24 - 26, 2025

Permissionless IV serves as the definitive gathering for crypto’s technical founders, developers, and builders to come together and create the future.If you’re ready to shape the future of crypto, Permissionless IV is where it happens.

buy ticketslearn more

Permissionless IV Hackathon

Brooklyn, NY

SUN - MON, JUN. 22 - 23, 2025

Blockworks and Cracked Labs are teaming up for the third installment of the Permissionless Hackathon, happening June 22–23, 2025 in Brooklyn, NY. This is a 36-hour IRL builder sprint where developers, designers, and creatives ship real projects solving real problems across […]

learn more

recent research

Featured.png

Research

Helium: Decentralizing Telecom with Web3 Incentives

Helium stands at a pivotal moment in its evolution as a decentralized wireless network, balancing rapid growth, economic restructuring, and global expansion. With accelerated growth in domestic DAUs and Hotspots supporting its network, Helium is leveraging strategic partnerships and innovative proposals to scale internationally. The recent implementation of HIP 138, “Return to HNT,” has unified its token economy under HNT, simplifying participation and strengthening liquidity, while HIP 139’s phase-out of CBRS refocuses efforts on scalable Wi-Fi offload. Meanwhile, governance shifts under HIP 141 raise questions about centralization as Nova Labs consolidates control over the roadmap.

by Nick Carpinito

/

news

article-image

BusinessEmpire Newsletter

What DeFi founders could learn from stablecoin success

Dragonfly’s Rob Hadick discussed how the firm is approaching investments in the current market

by Katherine Ross /
article-image

Lightspeed NewsletterMarkets

SOL remains bullish amid broader market stagnation

The asset surged over the past seven days to reach its highest-ever weekly close on the SOL/ETH pair

by Jeff Albus /
article-image

Forward Guidance NewsletterMarkets

Demand for Canada solana ETFs could be muted as US versions wait their turn

Industry watchers note that SOL ETFs have attracted a fraction of the demand for bitcoin and ether ETFs

by Ben Strack /
article-image

Forward Guidance NewsletterMarkets

US equities, dollar continue to slip weeks after initial Liberation Day announcement

Tariff swings impact stock market and company outlooks, with Apple and NVidia likely to be affected by China tariffs

by Casey Wagner /
article-image

The DropWeb3

ZKsync tokens worth $5M swiped in admin account breach

The team says an attacker minted unclaimed tokens from ZKsync’s 2024 airdrop

by Kate Irwin /
article-image

0xResearch NewsletterDeFi

Optimum aims to deliver Web3’s missing memory layer

The MIT research-based protocol is live in private testnet — laying the foundation for decentralized RAM

by Macauley Peterson /