US EditionCurve Finance moves to new domain after DNS attack exposes security risks
- On May 12, 2025, Curve Finance's official domain was compromised, causing visitors to be redirected to a fraudulent website crafted to steal funds from connected wallets.
- This incident followed a recent takeover of Curve’s social media account and mirrored a similar DNS hijack from August 2022 involving $570,000 in losses.
- Curve Finance confirmed the smart contracts and two-factor authentication remain secure, while the security team engaged the domain registrar to recover control.
- Security experts explained the attack exploited the trusted interface layer by manipulating DNS records, causing users to unknowingly authorize malicious transactions despite seeing the correct URL.
- Curve Finance urged users to avoid interacting with the compromised site until the issue is resolved, highlighting ongoing risks from infrastructure-level exploits in crypto projects.
This story is only covered by news sources that have yet to be evaluated by the independent media monitoring agencies we use to assess the quality and reliability of news outlets on our platform. Learn more here.14 Articles
14 Articles
Curve Finance Shifts To New Domain After DNS Attack
Decentralised finance (DeFi) protocol Curve Finance has changed its official web domain from Curve.fi to Curve.finance in a firm is a step to improve security. This change results from a recent DNS hijack that sent users to a phony website, creating major phishing concerns. DNS Hijacking Compromises User Access Curve Finance came upon illegal changes to its Domain Name System (DNS) data on August 9, 2022. Attackers used this weakness to send vis…
Bitcoin Ethereum News
Crypto News Wire - Latest Crypto News And AnalysisCurve Finance moves to new domain after DNS attack exposes security risks
The post Curve Finance moves to new domain after DNS attack exposes security risks appeared on BitcoinEthereumNews.com. Curve Finance is moving permanently to a new web domain following a targeted DNS attack that exposed users to phishing risks. On May 13, the DeFi protocol confirmed that it will operate on Curve.finance, replacing the compromised Curve.fi. The protocol explained that it was making the move because of the prolonged downtime and …
Urgent: Curve Finance DNS Attack Highlights Critical DeFi Security Flaw
The world of decentralized finance (DeFi) faced a scare recently when prominent platform Curve Finance confirmed a security incident. This wasn’t a direct smart contract exploit, but rather a sophisticated attack targeting the very entry point for users: the website’s domain name system (DNS). Understanding the Curve Finance DNS Attack On [Insert Date of Attack if known, otherwise state ‘a recent date’], Curve Finance announced via its official …
Curve Finance warns users after website and X account hacks
Curve Finance warns users after website and X account hacks Top decentralized exchange Curve Finance has warned users to avoid its curve.fi website due to an ongoing DNS hijacking attack, which redirects users to a malicious wallet drainer. Last week, Curve’s X account was hacked to promote a phishing website, another common scam facing crypto users. Approximately two hours after the initial alert, Curve confirmed that curve.fi “points to a mal…
Curve DAO (CRV) price drops as Curve Finance battles DNS attack
Curve Finance DNS hijack redirected users to a malicious clone site. CRV price has slid about 7.7% as investors panicked and dumped tokens. Curve Finance plans migration from DNS to ENS to enhance front-end security. Late on May 12, Curve Finance warned in an X post that its “curve.fi” domain might be hijacked, and users were urged to avoid the site altogether. Seems like https://t.co/vOeMYOTq0l DNS might be hijacked. Don't interact! — Curve Fi…
Coverage Details
Bias Distribution
- There is no tracked Bias information for the sources covering this story.
To view factuality data please Upgrade to Premium
Ownership
To view ownership data please Upgrade to Vantage
