The hacker (or group) targeted the Curve domain name, redirecting incoming Curve users to another malicious web address. According to the Curve developers, the Curve.fi nameserver site had suffered a breach.
The platform claims to have investigated and resolved the breach.
Zackxt, a Web3 on-chain investigator, has claimed that the stolen funds were deposited into the FixedFload crypto exchange to be legalized.
In response to Zackxt’s alert, FixedFloat acted in a timely manner and was able to acquire ETH of $191,088 (approximately Rs 1.5 crore), which is equivalent to ETH 112.
Our security department has frozen part of the funds in the amount of 112 ETH. In order for our security department to be able to sort out what happened as soon as possible, please email us: firstname.lastname@example.org
— FixedFloat⚡️ (@FixedFloat) August 9, 2022
The attack on Curve Finance is part of the fifth large-scale hack on crypto firms in the past month.
In July, NFT registration platform Premint lost 320 NFTs in a hack attack. It was found that the hackers sold the stolen NFTs in 275 Ether tokens for a total of $400,000 (approximately Rs.3.20 crores).