Casa Paura e avidità Piscine minerarie Portafogli Dizionario pubblicizzare Facebook Twitter Telegram Reddit Youtube
Mercato:
24h Vol:
Cryptocurrencies: 13285
Mercata: 101656
CoinInsight360.com logo CoinInsight360.com logo
ENG
EST
RUS
TUR
DEU
CHI
KOR
ITA
USD
USD
AED
AFN
ALL
AMD
ANG
AOA
ARS
AUD
AWG
AZN
BAM
BBD
BDT
BGN
BHD
BIF
BMD
BND
BOB
BRL
BTN
BWP
BYN
BZD
CAD
CDF
CHF
CLF
CLP
CNH
CNY
COP
CRC
CUC
CUP
CVE
CZK
DJF
DKK
DOP
DZD
EGP
ERN
ETB
EUR
FJD
FKP
GBP
GEL
GHS
GIP
GMD
GNF
GTQ
GYD
HKD
HNL
HRK
HTG
HUF
IDR
ILS
IMP
INR
ISK
JMD
JOD
JPY
KES
KGS
KHR
KMF
KPW
KRW
KWD
KYD
KZT
LAK
LBP
LKR
LRD
LSL
LYD
MAD
MDL
MGA
MKD
MMK
MNT
MOP
MRU
MUR
MVR
MWK
MXN
MYR
MZN
NAD
NGN
NIO
NOK
NPR
NZD
OMR
PAB
PEN
PGK
PHP
PKR
PLN
PYG
QAR
RON
RSD
RUB
RWF
SAR
SBD
SCR
SDG
SEK
SGD
SHP
SLL
SRD
SSP
STD
STN
SVC
SYP
SZL
THB
TJS
TMT
TND
TOP
TRY
TTD
TWD
TZS
UAH
UGX
UYU
UZS
VES
VND
VUV
WST
ZAR
ZMW
ZWL
America's Social Casino

Mercato
24h Vol
13285
Cryptocurrencies
61.12%
Bitcoin Condividere
crypto.news 2025-05-13 07:46:47

Curve Finance battles DNS hijack days after X account breach

Curve Finance battles DNS hijack days after X account breach

Curve Finance has warned users not to interact with its website after a domain name system hijack redirected users to a malicious clone designed to drain wallets. On May 12, the DeFi platform issued a warning on X, alerting users that “curve.fi DNS might be hijacked” and advising against any interaction. The incident involves the DNS of Curve’s official website being rerouted to a malicious front end. In a frontend hijack , attackers compromise the user-facing layer of a website, including interface elements like buttons, forms, and scripts, to intercept user inputs or trick them into authorising malicious transactions. Visiting the compromised domain could lead users to connect wallets and unknowingly give attackers access to their funds. In a follow-up update, Curve Finance clarified that while Curve’s smart contracts remain secure, the domain now “points to the wrong IP.” According to the Curve team, the platform’s two-factor authentication remains secure, and a support request has been submitted to the domain registrar to recover control of the DNS. You might also like: Ledger hardware wallet’s users targeted by mail, reportedly exploiting data leaked in 2020 breach As of the last update, the team said it is still investigating the incident and has urged users to refrain from interacting with the website until the correct domain settings are restored. “The hackers barely even tried,” said David Zhang, co-founder of Web3 fiat onramp Stably. In an X post, Zhang pointed out that the hijack involved little more than a drainer link embedded in a clickable screenshot. The hackers barely even tried. They just replaced the site with a clickable screenshot and a drainer link This could’ve been so much deadlier if they tried… https://t.co/dwA4KOQ77j pic.twitter.com/ZnDItBDJyi — David Zhang (▲) (@dazhengzhang) May 13, 2025 For Curve, this was the second time its DNS had been hijacked. In August 2022, attackers exploited a similar vulnerability, but at the time, over $570,000 worth of crypto assets were siphoned before the issue was contained. Binance froze over $450,000 after the attacker attempted to move assets through its exchange, while Fixed Float recovered around 112 ETH. Curve later changed its DNS provider and advised users to revoke approvals linked to the compromised domain. The incident also appeared to weigh on market sentiment, with CRV, the native token of Curve DAO, down over 7% in the past 24 hours when writing. The latest DNS hijack comes just days after Curve Finance’s X account was compromised. On May 5, a hacker briefly took control of the platform’s social media handle, using the account to post phishing links. The incident was quickly contained, and Curve later clarified that no user funds were affected. “No security issues were found on our side, no user funds were impacted, no victims of phishing links which the hacker posted. All Curve systems remain fully operational,” Curve Finance wrote in a May 6 X post . Similar attacks have targeted X accounts of several other crypto projects and public figures in recent weeks, often to spread phishing links or promote scam tokens. Read more: Crypto hack and scam losses total $364m in April: CertiK

La maggior parte ha letto le notizie

Moralis Money
Mercato
24h Vol
61.12%
Bitcoin Condividere
782
Oggi notizie
Leggi la dichiarazione di non responsabilità : Tutti i contenuti forniti nel nostro sito Web, i siti con collegamento ipertestuale, le applicazioni associate, i forum, i blog, gli account dei social media e altre piattaforme ("Sito") sono solo per le vostre informazioni generali, procurati da fonti di terze parti. Non rilasciamo alcuna garanzia di alcun tipo in relazione al nostro contenuto, incluso ma non limitato a accuratezza e aggiornamento. Nessuna parte del contenuto che forniamo costituisce consulenza finanziaria, consulenza legale o qualsiasi altra forma di consulenza intesa per la vostra specifica dipendenza per qualsiasi scopo. Qualsiasi uso o affidamento sui nostri contenuti è esclusivamente a proprio rischio e discrezione. Devi condurre la tua ricerca, rivedere, analizzare e verificare i nostri contenuti prima di fare affidamento su di essi. Il trading è un'attività altamente rischiosa che può portare a perdite importanti, pertanto si prega di consultare il proprio consulente finanziario prima di prendere qualsiasi decisione. Nessun contenuto sul nostro sito è pensato per essere una sollecitazione o un'offerta