Crypto news

You Won’t Believe How Curve Finance’s Website Was Hijacked Twice—With a Screenshot?!

BBG News

Well now, if that ain’t the darndest thing I’ve seen west of the Mississippi and just as crooked as a dog’s hind leg. Picture this: Curve Finance, that fancy DeFi establishment where folks go to swap digital coins faster than a gambler swaps horses, has hollered at its users not to touch its website, on account of a domain name shakedown. Turns out, some slick rascal up and swapped the real deal for a lookalike designed to swipe wallets faster than a pickpocket at a Sunday fair. 🤠

On May 12, our friends at Curve took to the X machine to proclaim, “curve.fi DNS might be hijacked,” which in good old-fashioned English means, “Y’all better keep your paws off ‘til we catch the snake who did this.”

What happened? Well, some bandit decided to reroute the digital postman delivering folks to Curve’s proper front porch, sending ‘em instead to a trap house with a velvet rope, a fake front, and buttons just itchin’ to rob you blind. These criminals didn’t even bother with high-falutin’ tricks; just threw up a screenshot of the site and slapped on a wallet drainer link. Subtle as a skunk at a garden party. 🦨

Connect your wallet, and—whoosh!—your coins say goodbye, probably off to some tropical paradise where bad code goes to retire.

But don’t toss all your crypto into the river just yet! Curve’s people were quick to say their smart contracts are still tighter than a miser’s purse; it’s only that their domain is now sending visitors to the wrong IP, which, I’m told, is fancy tech-speak for “the front door now leads to the outhouse.”

The two-factor authentication is still standing sentry, and a poor soul at the domain registrar is probably pulling his hair out trying to wrangle control of the address back. The team’s still poking at the problem, and pleaded with folks to leave the website alone, lest you want your wallet to take a walk it won’t come back from.

Now here comes David Zhang, a fellow swift with wit and even quicker with the sarcasm. He remarked, “The hackers barely even tried. They just replaced the site with a clickable screenshot and a drainer link. This could’ve been so much deadlier if they tried…” In other words, if these bandits had ambition, we’d all be in a world of hurt. But thank heavens for lazy crooks. 😑

The hackers barely even tried. They just replaced the site with a clickable screenshot and a drainer link

This could’ve been so much deadlier if they tried…

— David Zhang (▲) (@dazhengzhang) May 13, 2025

For Curve, this wasn’t their first rodeo. Back in August 2022, some varmints pulled the same trick, draining more than $570,000 in crypto before the sheriff showed up. Binance even froze near half a million dollars, and a posse at Fixed Float corralled another 112 ETH. Curve got wise, changed their DNS provider, and shouted from the rooftops for users to revoke permissions faster than you can say “not my keys, not my coins.”

The fallout this time? Well, Curve’s homegrown token CRV stumbled over 7%—I imagine the market got jittery from all the hollerin’.

And just to keep the drama hotter than a billy goat in a pepper patch, this DNS dust-up happened mere days after someone wrangled Curve’s X account and used it to post a mess of phishing links. Fortunately, that mess was cleaned up posthaste and, according to Curve, no one lost a nickel—unless you count their faith in internet security.

Seems every week there’s another X account flat-out pilfered, all to push scam tokens and phishing links, making the Wild West look positively civilized compared to Web3 these days. Buckle up, partners. 🧑‍🌾

Read More

2025-05-13 11:08

Previous post Blast Ditches Safe for Wallets—Option 2 Will Blow Your Socks Off!
Next post BAFTA TV Awards: Viewers Cringe at Unfunny Gags and Flat Comedy Attempts