The decentralized financial platform Curve Finance reported an attack on its external interface due to DNS hijacking that occurred on the night of May 13, 2025. The attackers redirected traffic to a fake site that imitated the official Curve interface, with embedded malicious scripts to steal users' funds. The Curve Finance team promptly warned users through X, urging them not to interact with the domain curve.fi and not to sign transactions. Smart contracts and the platform's internal systems remained intact, and the protocol continues to operate without disruptions.
Curve Finance is already working on restoring access to the domain and is transitioning to a new domain for secure interactions. This incident marks the second cyberattack on the platform in a month — last week, its account on X was hacked. The event has raised concerns in the community, as such attacks threaten the security of DeFi users.
Stay updated and join #MiningUpdates to stay informed! #CurveFinance #DNSAttack #DeFiSecurity #CryptoNews