Eğri Finansmanı Devam Eden Saldırıda Kullanıldı

DeFi protocol Curve is currently being exploited through its front end. Over $573,000 has already been taken by the attacker.

Frontend Exploited

Curve Finance is being exploited.

According to Paradigm researcher samczsun, Curve’s front end is currently compromised. The researcher warned Curve users not to use the protocol until further notice. 

Curve later appeared to onaylamak the ongoing exploit on Twitter, writing in reply to samczsun, “Don’t use the frontend yet. Investigating!”

Zincir üzerindeki veriler şov that the malicious contract associated with the exploit appears to have siphoned over $573,000 in USDC and DAI from eight different victims so far. The funds, already transfer to the attacker’s wallet and swapped for ETH tokens, were sent to crypto exchange FixedFloat, first in batches of 45 ETH, then in amounts ranging from 20 to 22 ETH.

At press time the attacker had also started gönderme tokens through cryptocurrency mixer Tornado Cash, which was sanctioned by the U.S. Treasury Department yesterday.

The Curve team hinted the attacker possibly cloned the Curve site, made the Domain Name System (DNS) direct towards the fraudulent site and then added approval requests to the malicious contract. It furthermore clarified that curve.exchange, contrary to curve.fi, seems to have been unaffected.

Curve Finance is a decentralized finance (DeFi) protocol that provides “extremely efficient” stablecoin trading services with low slippage and fees. It is considered a pillar of the DeFi ecosystem, with over $6 billion in total value locked. 

Update: the Curve team posted on Twitter at 08:27 UTC that the exploit had been patched, and urged Curve users to revoke Curve contracts they may have approved in the last few hours.

Update 2: FixedFloat açıkladı that it has frozen funds amounting to 112 ETH in connection to the exploit.

Bu gelişmekte olan bir hikaye.

Açıklama: Yazma sırasında, bu parçanın yazarı ETH'ye ve diğer birkaç kripto para birimine sahipti.