Curve is a decentralized exchange that is used by millions of crypto investors daily. The platform enables investors to exchange their stablecoins and other cryptocurrencies with their wrapped versions in the liquidity pools. 

![curve crypto dns hijack.png](https://images.hive.blog/DQmZF8nQZkWVUhdyu6Ht5pZRCaUm8krnGPwqyUQ8EUuU9SJ/curve%20crypto%20dns%20hijack.png)

With Aave, Curve has $6B TVL on several blockchains including Ethereum, Avalanche and Layer 2 Polygon, Arbitrum, and Optimism. Frankly, having Aave and Curve on your L2 or Mainnet makes it a worthy project in the eyes of many people. Both projects are **prestigious** to collaborate with!

![image.png](https://images.hive.blog/DQmZeLw6s4NJTRZfFajJJSDzc4uxjRj1ERMXMgvXP3tL36A/image.png)

Owning 5th highest TVL on it, Curve suffered a DNS hijack a couple of hours ago. Let's see what happened and why did it take place.

### DNS Vulnerability - Frontent Attack
Hackers were able to manipulate the DNS service and they were able to control curve.fi domain. When they were able to manipulate it, the contract address was changed by their own wallet:

![image.png](https://images.hive.blog/DQmcMzJ6U3STYbVxE8huMXZ5CoqtNEpvmiExn4SpkX5r89k/image.png)

As you can see above, this contract address was the one that the hackers gathered the money from investors.

According to [Decrypt](https://decrypt.co/107120/stablecoin-trading-platform-curve-suffers-frontend-attack-report), so far $570K worth of Ethereum is stolen. Thanks to blockchain, it is relatively easy to track the transactions of the known wallet addresses.

![image.png](https://images.hive.blog/DQmZAddorNdb5JiuKuPFZFUdBjFEYDoEgTMA9ZAQZhXjnxL/image.png) 

A Twitter user, [pepe_de_niro](https://twitter.com/pepe_de_niro/status/1557130713866141697), provided the traffic of the wallet. As you can see above, Tornado Cash, Binance and some personal Ethereum wallets are included. 

Yesterday we talked about [Tornado Cash Sanctions and Blacklists](https://leofinance.io/@idiosyncratic1/sanctions-on-tornado-cash-who-s-next) and the next day it happened 😅 Knowing this fact, Hackers tried to use [FixedFloat](https://twitter.com/FixedFloat/status/1557116267378708481) but the service provider took an immediate action to freeze the funds.


![image.png](https://images.hive.blog/DQmRx8TFi7QbQ4qdhW1PmpL5zBGQGTP8t9CYSsXftByP3ti/image.png)

Question: Is it the good side of **CeFi**?
You decide 😉

### Web3 in Under Attack
I coined the word **Hackaverse** in which blockchain-based projects are hacked or, at least, stress-tested by malicious attacks. Using **GoDaddy** for DNS, Curve was hunted down from its weak side.

Imagine you lose your money while you are using Curve. Let's be honest, it is gone. While De-Fi services are still dealing with such weaknesses, it is too hard to rely on them.

![image.png](https://images.hive.blog/DQmcFbfX57odareNH4Mymc7MEhLWTXFwVtdfpo6jSk8REtN/image.png) 

[Mobile Wallets, DNS, Bridges, and Tokenomics...](https://leofinance.io/@idiosyncratic1/crypto-wallet-vulnerability-or-first-solana-then-near) All these cases have one thing in common: Suffering people... What makes Hive unique is the security of the wallet. I do not feel that I need a Ledger to secure my Hive / HBD or Hive tokens. Just count how many Hive private keys you have for your single account and the number of frontends you can use to access your funds. 

### Hackaverse mode: ON
How many hack, exploit and sanction news have we seen in a month? I think the ecosystem is putting huge efforts to safely pass through the bear market and the depressing atmosphere in cryptoworld. 

FUD lost its value as the market does not actually react to it as before. Contrarily, hacking is not something negligible; it is devastating for a blockchain-based ecosystem. During this bear market, I'm not going to dive into newly developed apps, wallets or products that I need to download to access. 

Better to stay on the safe side. Even the Curve team (managing $6B TVL) may have hilarious **"mistakes"**. However, tiny mistakes may end up losing your whole savings in a couple of minutes.

Stay Safe ✌🏼 

Posted Using [LeoFinance <sup>Beta</sup>](https://leofinance.io/@idiosyncratic1/dns-hijack-or-curve-fi-on-target)