In a dramatic move following a malicious DNS hijack 🧨, Curve Finance ($CRV ) has ditched its original domain Curve.fi and migrated permanently to Curve.finance 🌐. On May 12, attackers rerouted traffic from the compromised domain to a fake website designed to phish users' wallet info 😱. The malicious site mimicked Curve’s interface and lured users into signing wallet-draining transactions. Although Curve’s internal systems and smart contracts remained untouched 🔒, the slow response from the .fi domain registrar pushed the team to permanently switch to a safer and more responsive domain.
Curve isn’t new to DNS threats — back in 2022, the platform lost over $530,000 in a similar attack 😓. And just days before this recent breach, hackers also temporarily hijacked Curve’s X (Twitter) account to spread phishing links 💬🕵️♂️. These back-to-back incidents show a dangerous new trend in crypto: attackers are no longer targeting code but exploiting web infrastructure vulnerabilities 🛠️. Despite the chaos, Curve assured users that funds were never at risk, and the team acted swiftly to contain the threat and freeze the compromised domain.
To protect its future, Curve has announced plans to also introduce a .eth ($ETH ) domain via Ethereum Name Service (ENS) 🧬 — a decentralized alternative to traditional DNS systems. This shift reflects a growing demand for Web3-native solutions to Web2 security problems. While the CRV token initially dipped by 7%, it bounced back quickly, showing investor confidence remains intact 💪📈. As the DeFi space matures, Curve's quick reaction and strategic pivot might just become a textbook case in crypto crisis management 🚀.