Curve Finance
Tue, 16 Aug 2022
  1. By : Nishant Vishwakarma
Curve ‘Strongly Suggests’ Domain Migration to Ethereum Name Service After $570K Frontend Hack

 

Curve Finance has more clarifications to this week is $570,000 frontend attack. 

 

A recent report conducted with domain registrar company “iwantmyname”, the domain host for the decentralized finance exchange, indicated that Tuesday’s cyber-attack was a result of “DNS cache poisoning, not nameserver compromise.

 

On 9th August, Curve announced to the users that it had suffered a frontend cyber-attack wherein the nameserver, curve.fi, was compromised and hacked, leading to $570,000 of Ethereum (ETH) being stolen from users accounts.

 

Also Read: Crypto Exchange Huobi Now Able To Operate In Australia

 

It stated that the platform was targeted through a compromise in the hosted domain name service infrastructure. Hackers cloned the DNS records in the server to mimic the original server, known as DNS cache poisoning. 

 

This attack redirects the users to a page of the attacker is choosing, scamming people into believing that it is the original domain and using the site as usual. 

 

Also Read: Binance US Will Delist AMP Token Following SEC Complaint

 

Beyond outlining the attack methodology, Curve also mentioned that “What has happened strongly suggests to start moving to ENS instead of DNS,” referring to the Cryptocurrency equivalent of DNS—a name source that translates the Internet protocol (IP) address into the page for users—called the Ethereum Name Service.

 

Moving to ENS, as Curve suggested, will supposedly prevent such frontend hacks from happening in the foreseeable future. 

 

Curve Finance has yet to revert to Decrypt is inquiries on the matter.

 

Also Read: Coinbase Exchange Is Rapid Rise Left It Exposed In Crypto Winter

 

What is Ethereum Name Service?

 

Etheruem Name Service, or ENS, has been made prevalent of late thanks to its function to turn the long string of letters and numbers that is Cryptocurrency addresses into human-readable addresses. 

 

Instead of that clunky cryptocurrency address, one could instead into something like “satoshi.eth” using ENS. And as you can see, that “.eth” suffix looks similar to the DNS-native “.com.” 

 

Also Read: Digital Asset Research Announces July 2022 Crypto Exchange Vetting Results

 

But insofar as the service exists on the Ethereum Blockchain Technology, it is far more safe and potentially resilient to attacks like those suffered by Curve on Tuesday.

 

Leave a Comment

DISCLAIMER

CryptoHelpExchange disclaims all liability for any mistakes on this website (including omissions or inaccurate material). Even if they are the consequence of mistakes, CryptoHelpExchange disclaims all liability for any trading or investment losses caused by visitors.

Without the express consent of CryptoHelpExchange, no part of the written information on this website may be duplicated. If it is discovered that material is being copied without CryptoHelpExchange's consent, that organization will pursue legal action against those responsible to the fullest extent permitted by the law. The aforementioned rule does not apply to any RSS feeds that CryptoHelpExchange offers or situations where explicit permission from CryptoHelpExchange was given.

Your single and only option if you disagree with any of the terms as stated above is to stop using CryptoHelpExchange.