Binance freezes $450 000 stolen from Curve protocol
Now the exchange is working with law enforcement agencies to return funds to the project
12.08.2022 - 11:30
298
3 min
0
What’s new? The head of cryptocurrency exchange Binance Changpeng Zhao said on his Twitter account that the company managed to block $450 000 that was stolen from the Curve.Finance DeFi protocol during the August 9 hack. According to Zhao’s statement, the exchange is now working with law enforcement to return the frozen funds to the owner.
Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can't catch it. 😂#SAFU https://t.co/Ekea9moeAw— CZ 🔶 Binance (@cz_binance) August 12, 2022
What else did Zhao say? The head of Binance noted that the amount frozen by the platform is 83% of the funds stolen in the hack. He added:
“The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it.”
Earlier, representatives of the FixedFloat exchange managed to block another 112 ETH (~$191 000) that Curve hackers sent to their platform. In total, hackers withdrew 327 ETH (~$570 000 at the time of the hack) from Curve. According to Zhao, they changed the domain name system (DNS) record for the protocol to redirect users to a fake site that was creating a smart contract and that was withdrawing all customer funds.
Curve developers assured that the vulnerability was discovered and fixed. Citing investigative report results by analysts at the iwantmyname platform, they noted that the hack was due to DNS cache “poisoning” rather than compromise. The protocol’s team added that no one can completely safeguard themselves from this type of attack, and what happened prompted them to think about switching from DNS to ENS (Ethereum Name Service).
We have a brief report from @iwantmyname about what has happened. In brief: DNS cache poisoning, not nameserver compromise.https://t.co/PI1zR96M1ZNo one on the web is 100% safe from these of attacks. What has happened STRONGLY suggests to start moving to ENS instead of DNS— Curve Finance (@CurveFinance) August 10, 2022
Additionally, Twitter users found a fake Curve account with more than 50 000 followers, whose owners are encouraging customers of the protocol to “revoke contracts” using their phishing link. Scammers can probably distribute fake links via Telegram as well.
Just got tagged by an account impersonating @CurveFinance with 51k followers urging all investors to “revoke contracts” using their linkPlease don’t fall for this!— The Defi Bum (@The_Defi_Bum) August 11, 2022
Curve.Finance is a decentralized exchange (DEX) and automated market maker (AMM) for trading stablecoins and wrapped digital assets such as wBTC and tBTC. The total value locked (TVL) in the protocol as of August 12, 11:30 UTC is $6,28 billion, according to DefiLlama. The platform has the native token CRV with a market capitalization of $530,93 million. The asset is trading at $1,35, down by 3,21%per day, according to Binance.
Useful material?
Market
Due to supply shortages, the asset’s pre-market exchange rate was climbing above $1000
Dec 16, 2024
Incidents
Reports about the hacking of the exchange with calls to withdraw assets began to spread on December 13
Dec 13, 2024
Crypto regulations
Stablecoins from issuer Circle will not be affected by the changes
Dec 12, 2024
Crypto regulations
The platform will launch after meeting the preconditions of the local exchange authority
Dec 9, 2024
Market
The $1,1 billion figure was reached after the bitcoin correction
Dec 6, 2024
Crypto regulations
By early January, all open positions and loans of local users will be closed and repaid automatically
Dec 5, 2024