Hackers have plundered approximately $570,000 from DeFi protocol Curve.Finance, according to a screenshot of the protocol’s wallet shared on Twitter late Tuesday.
Shortly after that announcement, the protocol’s operators said they have found the source of the hack and reverted the front-end issue.
“The issue has been found and reverted,” the protocol’s Telegram second announcement read. “If you have approved any contracts on Curve in the past few hours, please revoke immediately.” The protocol also advised users to use curve.exchange until the propagation of curve.fi reverts to normal.
The suspected hacker appears to have changed the protocol’s site’s DNS to forward users to a fake clone and approve a malicious contract. The program’s contract remained uncompromised, however.
In response to the hack, the protocol advised users in a Telegram message to refrain from using curve.fi or curve.exchange until the protocol’s operators locate the source of the exploit.
“We are becoming aware of a potential front end issue that is approving a bad contract,” the Telegram announcement read. “For now, please do not perform any approvals or swaps. We’re trying to locate the issue, but for now, for your safety, do not use curve.fi or curve.exchange.”
Curve.Finance is an integral part of the DeFi ecosystem due to its CRV token rewards emissions, which serve as a source of income for several other protocols.
