Curve Finance Hit by Exploit—Users Warned to Steer Clear as Hackers Strike

DeFi’s ’stable’ giant just got rocked. Curve Finance—the go-to platform for low-slippage swaps—reportedly suffered a breach earlier today, with security analysts urging users to avoid the site until further notice.

Details remain murky, but early chatter points to a possible contract exploit. The irony? A protocol built to mitigate risk now handing hackers a blank check. Classic crypto.

Pro tip: If your yield farm just offered a ’limited-time 10,000% APY,’ maybe double-check it’s not a drainer in disguise. Stay frosty.

Curve Finance Hacked – What We Know So Far

The incident has reportedly impacted multiple DeFi projects. Convex Finance and Resupply, both of which rely on Curve’s data feeds, reported outages and functionality issues. 

Both teams confirmed their own platforms remain secure, but dependent services are disrupted until Curve’s domain is restored.

Convex’s website uses data from Curve, and Curve’s domain name is currently suffering an attack. As a result, this data is currently unavailable, which negatively impacts most of Convex’s website. Convex’s website is SAFE but will not work correctly until Curve’s domain name… https://t.co/d4npGmMgyn

DNS hijacking is a type of cyberattack where attackers manipulate the Domain Name System to redirect users to malicious sites. In this case, attackers could trick users into interacting with fraudulent versions of Curve’s platform.

Security experts and users have flagged this as a strong reminder of the risks associated with DeFi frontends. Unlike decentralized smart contracts, web frontends remain vulnerable to traditional attacks such as DNS hijacking.

Projects linked to Curve, including Convex, have emphasized that while their backends are unaffected, users should avoid signing transactions or interacting with dApps tied to Curve during this period.

While all smart contracts are safe, the domain name points to a malicious site which can drain your wallet!

We are investigating and working on recovering the access.

No sign of a compromise on our side https://t.co/YUmwtwt5PH

Curve Finance said it is working with affected partners to resolve the issue. As the investigation continues, further updates are expected.

This situation highlights the need for DeFi protocols to focus more heavily on frontend security. Recent DeFi hacks reflect that the front end remains an exposed vector despite decentralized architectures.

This is a developing story.