Curve Finance has announced a permanent move to a new web domain, Curve.finance, after falling victim to a targeted DNS attack that exposed users to phishing risks. The DeFi protocol made the decision to switch domains due to prolonged downtime and limited support from .fi domain registrars.
The attack occurred on May 12 when hackers hijacked the DNS records for Curve.fi, redirecting visitors to a fraudulent website that mimicked the protocol’s interface. This malicious site attempted to deceive users into signing wallet-draining transactions. Fortunately, Curve confirmed that the breach was contained at the DNS level and that no internal systems were compromised.
Despite the quick response from Curve, the compromised website remained active for several hours as the domain registrar, iwantmyname, failed to address community complaints. The founder of blockchain security firm Slowmist, Yu Xian, expressed concern over the incident, highlighting the phishing gang’s use of fake wallet pop-up scams to extract sensitive information from users.
This is not the first time Curve Finance has faced security challenges. In 2022, the protocol suffered a similar DNS hijack that resulted in user losses of approximately $530,000. The recent attack comes shortly after a separate security event in which a hacker briefly took control of Curve’s social media account to post phishing links.
Security experts have pointed out that these incidents signal a shift in tactics by attackers, who are increasingly targeting infrastructure-based vulnerabilities rather than exploiting code vulnerabilities. The crypto industry has already lost billions of dollars to malicious actors this year, with centralized exchanges and DeFi protocols being prime targets.
The move to a new domain is a proactive step by Curve Finance to mitigate future security risks and protect its users from phishing attacks. By prioritizing user safety and enhancing security measures, the protocol aims to maintain trust within the DeFi community and safeguard against potential threats.