Curve Finance encountered a second DNS attack, causing the price of the Curve DAO (CRV) token to drop by 7%. This attack redirected users to a malicious website through DNS hijacking, although the smart contract security remained unaffected. Curve Finance has issued a warning, advising users not to interact with the hijacked domain and is working with the registrar to regain control. The incident has triggered negative sentiment in the community, with trading volume decreasing by 8% and the 24-hour trading amount falling to 165.90 million USD. The Curve team emphasized that user security is the top priority and committed to maintaining transparency.

HIGHLIGHTS Curve Finance alerts users against a DNS hack that redirects them to a malicious website.  The Curve DAO token price plummets 7% following the hack. This is the second time this week that Curve Finance has faced a DNS hijack. In a concerning development within the decentralized finance (DeFi) community, Curve Finance has fallen victim to a second DNS hack. This breach has triggered a 7% decline in the Curve DAO (CRV) token price, sparking widespread concerns.

Following the hack, the DeFi protocol issued a warning alert, “Curve.fi DNS might be hijacked. Don’t interact!” In addition, the platform asserted that smart contracts remain safe.
Curve Finance Faces DNS Attack, Curve DAO (CRV) Token Price Dips
In an X post dated May 13, DeFi protocol Curve Finance cautioned users against its domain name system (DNS) hack that redirects users to a malicious clone site designed to drain wallets. This is the second time the DeFi protocol has been hit this week, with the team assuring users that their smart contracts are safe.

Driven by this development, the Curve DAO token price has seen a massive decline. Currently trading at $0.7220, CRV has plummeted by 6.91% over the past day. Despite this 24-hour dip, the token has surged by 12% and 18% over the past week and month, respectively.
Curve Finance Prioritizes User Safety
Further commenting on the platform's priority of user safety and security, the Curve team stated,
We understand the seriousness of the situation and are committed to full transparency. Our top priority is user safety and maintaining trust in Curve as a public infrastructure for DeFi.
On May 6, Curve Finance’s X account had been hacked, following which the company affirmed,
No other Curve accounts were affected. No security issues were found on our side, no user funds were impacted, no victims of phishing links which the hacker posted. All Curve systems remain fully operational.
Curve Finance DNS Hack: What Happened?
Reportedly, the hackers hijacked Curve Finance’s DNS, sending clients to a malicious site to gain access to funds. The team clarified that the issue is due to their website pointing to the wrong IP address, suggesting a DNS hijacking rather than a direct hack.

Curve Finance assured users that their smart contracts are secure, but the domain name is currently redirecting to a malicious site that could drain wallets. The team also confirmed that their password is secure and that two-factor authentication had been set up previously. Curve is now working with the registrar to regain control and investigate the issue.

However, the CRV token price is significantly affected by the hijack. The move has created a negative sentiment within the community, which is clearly evident in the 8% decline in trading activity. Over the past 24 hours, the trading volume has dropped to $165.9 million.

Curve Finance suffers second DNS attack, CRV token price drops by 7%