Following the recent Curve Finance attack, Binance CEO Changpeng Zhao announced that the exchange had recovered $450 million from the hackers. Decentralized finance platform (defi) Curve saw roughly $570 million taken from the app on August 9.
Binance Chief Says Exchange Freezes 83% Of Curve Funding Hack Funds, Domain Provider Says Exploit Was DNS Cache Poisoning
Four days ago, the crypto community learned that the front end of Curve Finance had been exploited. Curve fixed the situation, but $570 million was removed from the defi protocol. The attackers, however, decided to send the funds to crypto exchanges. Binance CEO Changpeng Zhao (CZ) tweeted about the exploit the day it happened.
“Curve Finance had its DNS hijacked in the last hour”, CZ he wrote. “The hacker put a malicious contract on the home page. When the victim approved the contract, the wallet would be depleted. The damage is about $570,000 so far. We are monitoring.” In addition to Binance monitoring the situation, the Fixedfloat exchange managed to freeze some funds.
“Our security department has frozen part of the funds for an amount of 112 [ether]. In order for our security department to resolve what happened as soon as possible, please email us “, Fixedfloat he wrote the day of the hack. Then, three days after the hack, on August 12th, CZ explained at 1:07 am (EST) that Binance recovered approximately 83% of the funds.
“Binance Freezes/Recovers $450,000 Of Curve’s Stolen Funds, Which Makes Up Another 83% Of The Hack,” CZ he tweeted Friday. “We are working with [law enforcement] to return funds to users. The hacker kept sending the funds to Binance in different ways, thinking we couldn’t catch him,” CZ added.
Curve Finance retweeted CZ’s statement and noted earlier in the day that the team has a brief report from the domain provider [iwantmyname.com] and said, “In short: DNS cache poisoning, not nameserver compromise,” Curve Finance explained while sharing the report. “No one on the web is 100% safe from these attacks. What has happened STRONGLY suggests starting to move to ENS instead of DNS.
iwantmyname.com’s domain provider report confirms Curve’s claims. “It appears that a customer’s domain was targeted,” the iwantmyname.com disclosure report details. “Apparently, our third-party provider’s hosted DNS infrastructure was compromised and the DNS records for this domain were changed to point to a cloned web server. Further investigation along with the third-party provider indicate that this was a poisoning from the DNS cache rather than any compromised name servers.
Tags in this story
$450M, $570K, Binance, Binance CEO, Changpeng Zhao, Curve, Curve fi frontend, Curve.finance, CZ, DeFi, Defi exploit, DNS Cache intoxication, ETH, Ethereum, Ethereum (ETH), Fixedfloat, Funds , Hack, Hacker Fund, iwantmyname.com, USDC, USDC Fund
What do you think about Binance getting back $450 million from Curve Finance hack? Let us know what you think about this topic in the comments section below.
Jamie Redman is the head of news for Bitcoin.com News and a financial technology journalist living in Florida. Redman has been an active member of the cryptocurrency community since 2011. He is passionate about Bitcoin, open source code and decentralized applications. Since September 2015, Redman has written over 5,700 articles for Bitcoin.com News on the disruptive protocols emerging today.
Image credits: Shutterstock, Pixabay, Wiki Commons
Exemption from liability: This article is for informational purposes only. It is not a direct offer or solicitation of an offer to buy or sell, or a recommendation or endorsement of any product, service or company. Bitcoin.com does not provide investment, tax, legal or accounting advice. Neither the company nor the author is responsible, directly or indirectly, for any damage or loss caused or alleged to be caused by or in connection with the use of or reliance on any content, goods or services mentioned in this article.
More popular news
In case you missed it