{"id":482853,"date":"2022-08-10T00:19:37","date_gmt":"2022-08-09T21:19:37","guid":{"rendered":"https:\/\/en.buradabiliyorum.com\/breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice\/"},"modified":"2022-08-10T00:19:37","modified_gmt":"2022-08-09T21:19:37","slug":"breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice","status":"publish","type":"post","link":"https:\/\/buradabiliyorum.com\/en\/breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice\/","title":{"rendered":"# BREAKING: Curve Finance team warns users to avoid using site until further notice"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_84 counter-hierarchy ez-toc-counter ez-toc-custom ez-toc-container-direction\">\n<p class=\"ez-toc-title\" style=\"cursor:inherit\">Table of Contents<\/p>\n<label for=\"ez-toc-cssicon-toggle-item-6a242e992cff0\" class=\"ez-toc-cssicon-toggle-label\"><span class=\"\"><span class=\"eztoc-hide\" style=\"display:none;\">Toggle<\/span><span class=\"ez-toc-icon-toggle-span\"><svg style=\"fill: #dd3333;color:#dd3333\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" class=\"list-377408\" width=\"20px\" height=\"20px\" viewBox=\"0 0 24 24\" fill=\"none\"><path d=\"M6 6H4v2h2V6zm14 0H8v2h12V6zM4 11h2v2H4v-2zm16 0H8v2h12v-2zM4 16h2v2H4v-2zm16 0H8v2h12v-2z\" fill=\"currentColor\"><\/path><\/svg><svg style=\"fill: #dd3333;color:#dd3333\" class=\"arrow-unsorted-368013\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" width=\"10px\" height=\"10px\" viewBox=\"0 0 24 24\" version=\"1.2\" baseProfile=\"tiny\"><path d=\"M18.2 9.3l-6.2-6.3-6.2 6.3c-.2.2-.3.4-.3.7s.1.5.3.7c.2.2.4.3.7.3h11c.3 0 .5-.1.7-.3.2-.2.3-.5.3-.7s-.1-.5-.3-.7zM5.8 14.7l6.2 6.3 6.2-6.3c.2-.2.3-.5.3-.7s-.1-.5-.3-.7c-.2-.2-.4-.3-.7-.3h-11c-.3 0-.5.1-.7.3-.2.2-.3.5-.3.7s.1.5.3.7z\"\/><\/svg><\/span><\/span><\/label><input type=\"checkbox\"  id=\"ez-toc-cssicon-toggle-item-6a242e992cff0\" checked aria-label=\"Toggle\" \/><nav><ul class='ez-toc-list ez-toc-list-level-1 ' ><li class='ez-toc-page-1 ez-toc-heading-level-1'><a class=\"ez-toc-link ez-toc-heading-1\" href=\"https:\/\/buradabiliyorum.com\/en\/breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice\/#%E2%80%9D_BREAKING_Curve_Finance_team_warns_users_to_avoid_using_site_until_further_notice_%E2%80%9C\" >&#8221; BREAKING: Curve Finance team warns users to avoid using site until further notice &#8220;<\/a><\/li><\/ul><\/nav><\/div>\n<h1><span class=\"ez-toc-section\" id=\"%E2%80%9D_BREAKING_Curve_Finance_team_warns_users_to_avoid_using_site_until_further_notice_%E2%80%9C\"><\/span>&#8221; BREAKING: Curve Finance team warns users to avoid using site until further notice &#8220;<span class=\"ez-toc-section-end\"><\/span><\/h1>\n<p><img decoding=\"async\" src=\"https:\/\/images.cointelegraph.com\/images\/840_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDgvNzZkN2JlNWMtNDQ5ZS00NzdhLWJjMDEtYzhkY2M1NDJlM2E3LmpwZw==.jpg\" \/><\/p>\n<div class=\"post-content\" data-v-28d77a7a>On Aug 9, automated market maker Curve Finance took to <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/social-mediaa\/\" data-internallinksmanager029f6b8e52c=\"1\" title=\"Social Media\" target=\"_blank\" rel=\"noopener\">Twitter<\/a> to warn users of an ongoing exploit on its site. The team behind the protocol noted that the issue, which <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/download-scripts-themes-apps\/\" data-internallinksmanager029f6b8e52c=\"9\" title=\"Download Scripts &amp; Themes &amp; Apps\" target=\"_blank\" rel=\"noopener\">app<\/a>ears to be an attack from a malicious actor, was affecting the service\u2019s nameserver and frontend.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Don&#8217;t use <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/vOeMYOTq0l\">https:\/\/t.co\/vOeMYOTq0l<\/a> site &#8211; nameserver is compromised. Investigation is ongoing: likely the NS itself has a problem<\/p>\n<p>\u2014 Curve Finance (@CurveFinance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/CurveFinance\/status\/1557107088962224132?ref_src=twsrc%5Etfw\">August 9, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><br \/>\nCurve stated via Twitter that its exchange \u2014 which is a separate product \u2014 appeared to be unaffected by the attack, as it uses a different DNS provider. The team still encouraged users to exercise caution when interacting with the site, however.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Although you need to proceed with caution, but <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/t.co\/6ZFhcToWoJ\">https:\/\/t.co\/6ZFhcToWoJ<\/a> seems to be unaffected &#8211; uses a different DNS provider<\/p>\n<p>\u2014 Curve Finance (@CurveFinance) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/CurveFinance\/status\/1557110654284304384?ref_src=twsrc%5Etfw\">August 9, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Twitter user\u00a0LefterisJP\u00a0speculated that the alleged attacker had likely utilized DNS spoofing to execute the exploit on the service:<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">It&#8217;s DNS spoofing. Cloned the site, made the DNS point to their ip where the cloned site is deployed and added approval requests to a malicious contract.<\/p>\n<p>\u2014 Lefteris Karapetsas | Hiring for @rotkiapp (@LefterisJP) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/LefterisJP\/status\/1557103336083623936?ref_src=twsrc%5Etfw\">August 9, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Other participants in the DeFi space quickly took to Twitter to spread the warning to their own followers, with some noting that the alleged thief appears to have stolen more than $573K USD at time of publication.<\/p>\n<blockquote class=\"twitter-tweet\">\n<p lang=\"en\" dir=\"ltr\">Alert to all <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/CurveFinance?ref_src=twsrc%5Etfw\">@CurveFinance<\/a> users, their frontend has been compromised!<\/p>\n<p>Do not interact with it until further notice!<\/p>\n<p>It appears around $570k stolen so far <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/defi?src=hash&amp;ref_src=twsrc%5Etfw\">#defi<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/hashtag\/crypto?src=hash&amp;ref_src=twsrc%5Etfw\">#crypto<\/a> <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/search?q=%24crv&amp;src=ctag&amp;ref_src=twsrc%5Etfw\">$crv<\/a><\/p>\n<p>\u2014 Assure DeFi (@AssureDefi) <a rel=\"nofollow noopener\" target=\"_blank\" href=\"https:\/\/twitter.com\/AssureDefi\/status\/1557105692909125634?ref_src=twsrc%5Etfw\">August 9, 2022<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p>Back in July, analysts suggested that they were favorably eying Curve Finance, despite the market downturn which continues to affect the larger DeFi space. Among the reasons cited by researchers at Delphi Digital for their bullishness, they specifically called out the platform&#8217;s yield opportunities, the demand for CRV deposits, and the protocol&#8217;s revenue generation from stablecoin liquidity.<\/p>\n<p>This followed the platform&#8217;s release of a new\u00a0\u201calgorithm for exchanging volatile assets\u201d\u00a0in June, which\u00a0promised to allow low-slippage swaps between \u201cvolatile\u201d assets.\u00a0These pools use a combination of internal oracles relying on Exponential Moving Averages (EMAs) and a bonding curve model, previously deployed by popular AMMs such as Uniswap. <\/p>\n<p><em>This story is in development, and will be updated as more information becomes available.<\/em><\/p>\n<p><template data-name=\"subscription_form\" data-type=\"defi_newsletter\"><\/template><\/p>\n<\/div>\n<blockquote><p><strong><span style=\"color: #ff6600;\">If you liked the article, do not forget to share it with your friends. Follow us on\u00a0<span style=\"color: #ff0000;\"><a style=\"color: #ff0000;\" href=\"https:\/\/news.google.com\/publications\/CAAqBwgKMLG0nwswvr63Aw\" target=\"_blank\" rel=\"nofollow noopener noreferrer\">Google News<\/a><\/span>\u00a0too, click on the star and choose us from your favorites.<\/span><\/strong><\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\">For forums sites go to <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/forum.buradabiliyorum.com\/\" target=\"_blank\" rel=\"noopener\">Forum.BuradaBiliyorum.Com<\/a><\/span><\/strong>\n<\/p><\/blockquote>\n<blockquote>\n<p style=\"text-align: center;\"><strong>If you want to read more <a href=\"https:\/\/buradabiliyorum.com\/en\/category\/news\/\" data-internallinksmanager029f6b8e52c=\"2\" title=\"News\" target=\"_blank\" rel=\"noopener\">News<\/a> articles, you can visit our <span style=\"color: #ff9900;\"><a style=\"color: #ff9900;\" href=\"https:\/\/en.buradabiliyorum.com\/general\/\" target=\"_blank\" rel=\"noopener\">General category.<\/a><\/span><\/strong><\/p>\n<\/blockquote>\n<p><span style=\"color: black;\"><a style=\"color: #ff9900;\" href=\"https:\/\/cointelegraph.com\/news\/breaking-curve-finance-team-warns-users-to-avoid-using-site-until-further-notice\" target=\"_blank\" rel=\"noopener\">Source<\/a><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>&#8221; BREAKING: Curve Finance team warns users to avoid using site until further notice &#8220; On Aug 9, automated market maker Curve Finance took to Twitter to warn users of an ongoing exploit on its site. The team behind the protocol noted that the issue, which appears to be an attack from a malicious actor,&#8230;<\/p>\n","protected":false},"author":1,"featured_media":482854,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"fifu_image_url":"https:\/\/images.cointelegraph.com\/images\/1200_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS91cGxvYWRzLzIwMjItMDgvNzZkN2JlNWMtNDQ5ZS00NzdhLWJjMDEtYzhkY2M1NDJlM2E3LmpwZw==.jpg","fifu_image_alt":"","footnotes":""},"categories":[1],"tags":[74894,74860,74983,74877,74868,74891,93542,70375,4965],"class_list":["post-482853","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-general","tag-blockchain","tag-cryptocurrency-exchange","tag-decentralization","tag-decentralized-exchange","tag-defi","tag-ethereum","tag-web3","tag-cybersecurity","tag-technology"],"_links":{"self":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/482853","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/comments?post=482853"}],"version-history":[{"count":0,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/posts\/482853\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media\/482854"}],"wp:attachment":[{"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/media?parent=482853"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/categories?post=482853"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/buradabiliyorum.com\/en\/wp-json\/wp\/v2\/tags?post=482853"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}