Alert: Curve Finance hacking still ongoing, over $600,000 siphoned off

The DeFi Curve protocol is currently being hacked through its front-end. Over $573,000 has already been taken by the attacker, Curve’s front-end is currently compromised.

Curve later appeared to confirm the ongoing hack on Twitter, writing, “Don’t use the front end yet. Investigating!“

Don’t use the frontend yet. Investigating! https://t.co/8kmtpGsLQQ

– Curve Finance (@CurveFinance) August 9, 2022

On-chain data shows that the malicious contract associated with the hack appears to have siphoned off over $573,000 in USDC and DAI from eight different victims so far. The funds, already transferred to the attacker’s wallet and exchanged for ETH tokens, were sent to several other addresses, first in batches of 45 ETH, then in amounts ranging from 20 to 22 ETH.

Currently, the hacker had also begun sending tokens through the crypto-currency shuffler Tornado Cash, which was sanctioned yesterday by the U.S. Treasury Department.

The Curve team suggested that the attacker likely cloned the Curve site, caused the domain name system (DNS) to be directed to the fraudulent site, and then added approval requests to the malicious contract. She further noted that curve.exchange, unlike curve.fi, does not appear to have been affected.

Curve Finance is a decentralized finance (DeFi) protocol that provides stablecoin exchange services.”extremely efficient” with low slippage and low fees. It is considered a pillar of the DeFi ecosystem, with over $6 billion in total value locked up.