[ad_1]
At the last minute of May 12, Curve Finance warned in an X publication that its domain “curve.fi” could be kidnapped, and users were urged to avoid the site completely.
Sems Like https://t.co/voemyotq0l DNS MIGHT BE HIJACED. Don’s interact!
– Curve Finance (@curvefinance) May 12, 2025
According to An update issued by Curve Finance On Xthe attackers redirected the DNS entries of the Official Website of Curve to a front-end clone designed to drain the wallets through a deceptively simple drain bond embedded on the page.
Although the intelligent contracts of the platform are not affected and are safe, the domain committed now points to an IP address controlled by malicious actors.
Wallet suppliers like Phantom responded quickly by blocking the address “Curve.FI” and showing outstanding warnings to users who were trying to connect.
After the attack, Curve Finance has opened a complete investigation, involving security partners and their domain registrar to recover control and restore the genuine site.
The price of Token Curve Dao (CRV) falls
Following the DNS attack, the CRV price has fallen to around USD 0.7231 in the live coinmarketcap graphicmarking a 7.7% decrease in the last 24 hours as panic extended among investors.
As the price falls, the volume of operations has increased to more than USD 188 million, since the holders rushed out of the positions in the midst of the security crisis that is being developed.
In addition, the market capitalization of the Token has fallen to approximately USD 973.1 million, which underlines the tangible impact of vulnerabilities outside the chain on assets within the chain.
Although the USD 105,000 Bitcoin setback to USD 102,000 contributed to some downward pressure, analysts agree that the DNS incident served as the main catalyst for the massive sale of Curve Dao (CRV).
The technical indicators show that CRV reviews the price ranges last before the recent commercial agreement between China and the US, which reflects greater volatility and the concern of investors.
It is the second time Curve Finance faces a DNS attack
The May 13 attack marks the second DNS rape in the Front-End of Curve Finance, after a similar incident in July 2023 when around USD 61 million were diverted before containment.
On that occasion, Binance froze more than USD 450,000 after the culprit tried to wash funds through its exchange, while Fixed Flaat recovered around 112 ETH.
Subsequently, Curve changed DNS supplier and advised users to revoke all approves linked to committed domain, but the risk of the front-end remained without approaching.
The social networks of the protocol have also been attacked, and their X account was briefly kidnapped on May 5 to publish Phishing links before being claimed on May 6.
Yesterday, The Official @Curvefinance X Account was committed. As You Already Know, Access Has Been Fully Restored.
To clarify: The Incident was Limited Strictly to the X Account. Not Other Curve Accounts were affected. No Security Issues Were Found on Our Side, no User Funds … https://t.co/8bci75uzgr
– Curve Finance (@curvefinance) May 6, 2025
While Curve Finance has reiterated that users’ funds were not affected, the cumulative sequence of violations has eroded user confidence in the external infrastructure of the platform.
Users have expressed their frustration for curve inability to ensure their layers for the public despite the solid on-chain protocols, and a commentator said that “safe contracts do not matter much when the domain itself is the weak link.”
Security experts emphasize that the vulnerabilities of the Front-End propose existential risks for Defi, since the wallet connections and transactions approvals are mediated through user interfaces.
Industry colleagues are closely monitoring curve remediation efforts, understanding that a successful migration of ENS could establish a new standard for protocol safety.
Meanwhile, investors are attentive to CRV results in search of recovery signs or new falls, and the general market conditions also play a fundamental role.
Curve Finance will go from DNS to ESE
In response to the last attack, Curve Finance confirmed his plans to abandon the traditional DNS in favor of the Ethereum Name Service (ENS) for his directions legible by humans.
Unlike DNS, ESC uses intelligent contracts in the Ethereum block chain to manage the nomenclature, eliminating the dependence of centralized registrars and accommodation suppliers.
With the transition to Ens, Curve aims to strengthen the security of the front-end and minimize the attack surface that allowed malicious actors to kidnap their domain.
The change to “curve.finance” under the governance of ESE represents a structural change towards decentralization beyond intelligent contracts.
As Curve Finance works diligently to restore its official website and complete its transition to ENS, the CRV price trajectory remains uncertain in the short term.
For now, CRV investors must navigate greater volatility and evolutionary security measures while Curve Finance recovers from another front-end exploit.
[ad_2]
https%3A%2F%2Fcoinjournal.net%2Fes%2Fnoticias%2Fel-precio-de-curve-dao-crv-cae-mientras-curve-finance-lucha-contra-el-ataque-de-dns%2F