Sunday, June 23, 2024

Experts analyse the Curve Finance exploit and explain why it failed.

Curve is one among many crypt platforms to be hacked and lose investor funds. It is the largest to have been compromised after a DNS hijacking. Hackers who compromised the company’s landing page worked fast and converted stolen funds to tokens. They used several wallets, mixers, and exchanges to do this.

Curve did issue a statement asking its users not to access or carry out transactions via the website’s front end. This statement was issued on August 9th, Tuesday after the hijacking came to light and was flagged by several members. While the hijacking mechanism is still being investigated, experts agree that the hijacker had actually cloned the company website. After that, they rerouted traffic to the server and sent users to the fake new page. Users tried to log in and ended up losing their money.

Though Curve Finance managed to fix the situation fast, the hijackers still got away with more than $530,000 in USDC. This activity took place within the timeframe it took Curve to fix the problem. According to Curve’s experts, the company’s provider of DNS services got hacked and let the rest of the activity unfold.

According to available information, 360+ ETH were bought with the stolen funds so that a possible freeze of USDC could be avoided. The interesting this is that ETH was laundered through Tornado Cash, which is currently facing sanctions by the US Treasury. Elliptic, a blockchain analytics company is watching the flagged addresses closely, along with the original addresses based on the ETH platform. More than 20 ETH were moved to an unknown wallet, tagged as hot.

Cryptured Team
Cryptured Team
The writers team at Cryptured.com is composed of passionate and experienced journalists who cover the latest developments in the crypto and blockchain space. They aim to provide accurate, unbiased and easy-to-understand news and information for their readers, as well as insights and analysis from industry experts. The writers team is always on the lookout for new and exciting stories that can help the general public learn more about the potential and challenges of these technologies.
RELATED ARTICLES

Most Popular