- Binance traced and frozen or recovered 83% of the siphoned funds.
- Curve.Finance is more likely to switch over to ENS post this hack.
Malicious hacks and money laundering in the DeFi space are now in full swing. Curve.Finance, one of the top DeFi protocols, turned out to be the recent victim of nearly a $570k hack. On Friday, Binance CEO Changpeng Zhao revealed that the exchange had frozen or recovered $450,000 of the stolen funds.
Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it. 😂#SAFU https://t.co/Ekea9moeAw
— CZ 🔶 Binance (@cz_binance) August 12, 2022
Hackers of this Curve DNS hijack have dumped the stolen funds majorly on Binance to convert them into other tokens. This largest crypto exchange seems to have succeeded in tracing out the activities of the hackers. CZ also announced that Binance is working closely with Law Enforcement to return the funds to the users who were exposed to this hack.
On August 10, Curve.Finance’s nameserver “curve.fi” was subjected to DNS cache poisoning due to its exposure to a malicious contract from the hackers. This frontend hijack drained nearly $570,000 from the user’s wallet.
The Curve.Finance developers managed to fix this issue a few hours post the attack. After resolving the issue, the developers alarmed their users to “revoke contracts”. They also warned the users not to fall into the traps of fake accounts that continue to dupe Curve Finance.
This malicious attack on the largest DeFi protocol, Curve.Fiance, alerts the other protocols to switch from the vulnerable DNS server to the Ethereum Name Service (ENS) to withstand in the web3 space.