The hacker (or group) targeted the Curve domain name, redirecting incoming Curve users to another malicious web address. According to the Curve developers, the Curve.fi nameserver site had suffered a breach.
Don’t use the frontend yet. Investigating! https://t.co/8kmtpGsLQQ
— Curve Finance (@CurveFinance) August 9, 2022
The platform claims to have investigated and resolved the breach.
Zackxt, a Web3 on-chain investigator, has claimed that the stolen funds were deposited into the FixedFload crypto exchange to be legalized.
Looks like $570k stolen
0x50f9202e0f1c1577822BD67193960B213CD2f331 pic.twitter.com/IG6nIKVv59
— ZachXBT (@zachxbt) August 9, 2022
In response to Zackxt’s alert, FixedFloat acted in a timely manner and was able to capture ETH of $191,088 (approximately Rs 1.5 crore), which is equivalent to ETH 112.
Our security department has frozen part of the funds in the amount of 112 ETH. In order for our security department to be able to sort out what happened as soon as possible, please email us: [email protected]
— FixedFloat⚡️ (@FixedFloat) August 9, 2022
The attack on Curve Finance is part of the fifth large-scale hack on crypto firms in the past month.
In July, NFT registration platform Premint lost 320 NFTs in a hack attack. It was found that the hackers sold the stolen NFTs in 275 Ether tokens for a total of $400,000 (approximately Rs.3.20 crores).
