Two Days Back around $573,000 funds were stolen from Curve Finance.
According to @Cz_Binanace, Curve finance had their DNS hijacked in the past hour. Hacker put a malicious contract on the home page. When the victim approved the contract, it would drain the wallet. Damage is around $570k so far. We are monitoring.
CZ also said that Curve finance use GoDaddy for DNS, which is insecure. No web3 projects should use that. Very susceptible to social engineering.
Binance CEO Changpeng Zhao aka CZ Tweeted, Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can't catch it. 😂
#SAFU
