Curve is one among many crypto platforms to be hacked and lose investor funds. It is the largest to have been compromised after a DNS hijacking. Hackers who compromised the company’s landing page worked fast and converted stolen funds to tokens. They used several wallets, mixers, and exchanges to do this.
Curve issued a statement asking its users not to access or carry out transactions via the website’s front end. The statement was issued on Tuesday, August 9th, after the hijacking came to light and was flagged by several members. While the hijacking mechanism is still being investigated, experts agree that the hijacker had cloned the company website. After that, they rerouted traffic to the server and sent users to the fake page. Users tried to log in and ended up losing their money.
Though Curve Finance managed to fix the situation fast, the hijackers still got away with more than $530,000 in USDC. This activity took place in the time it took Curve to fix the problem. According to Curve’s experts, the company’s provider of DNS services got hacked, which allowed the rest of the activity to unfold.
According to available information, 360+ ETH were bought with the stolen funds so that a possible freeze of USDC could be avoided. The interesting thing is that the ETH was laundered through Tornado Cash, which is currently facing sanctions by the US Treasury. Elliptic, a blockchain analytics company, is watching the flagged addresses closely, along with the original addresses based on the ETH platform. More than 20 ETH were moved to an unknown wallet, tagged as hot.