Curve Finance Confirms No Breach Of Smart Contracts, User Funds Remain Secure After DNS Attack

In Brief Curve Finance reported that the curve[.]fi domain was compromised at the DNS level, but the breach did not affect any smart contracts or internal systems, and the protocol remains fully operational and secure.

Decentralized exchange and automated market maker Curve Finance shared a technical summary of a recent security incident involving its domain. The team reported that the curve[.]fi domain experienced a compromise at the DNS level, which led to traffic being rerouted to an unauthorized IP address unrelated to Curve Finance. Importantly, the breach did not impact any smart contracts or internal systems, and the protocol continues to function securely and without disruption.

Curve Finance emphasized that user funds remain unaffected and the platform’s smart contracts are still secure. The event was confined solely to the DNS layer and did not extend to the core protocol infrastructure. Upon identifying the issue, the team promptly initiated an investigation, collaborated with its domain registrar and cybersecurity partners, and implemented reinforced operational security measures. Work is ongoing to fully resolve the domain issue and restore normal service functionality.

Late last night, the curve [.] fi domain was compromised at the DNS level. This exploit redirected traffic to a malicious IP not associated with Curve Finance. No smart contracts or internal systems were breached—the protocol itself remains fully operational and secure.



Curve Finance Affirms Protocol Security And Reinforces Industry-Standard Protections

This event is not associated with any compromise of internal systems. Curve Finance operates under a comprehensive and industry-standard security framework that includes protective measures such as password security and two-factor authentication (2FA), all of which were in place prior to the incident and were not circumvented.

The DNS-related issue affecting the curve[.]fi domain is part of a broader trend. In recent weeks, the cryptocurrency sector has experienced a rise in infrastructure-targeted attacks across multiple projects. These developments highlight the need for a consistent and proactive security approach throughout the industry. Curve Finance is actively implementing the necessary steps to protect user assets and reestablish full service functionality.

As a precautionary measure, users are advised not to interact with the curve[.]fi domain until official communication is provided via Curve Finance’s verified channels.

The project has acknowledged the seriousness of the situation and remains focused on transparency. Ensuring user protection and upholding confidence in Curve as a foundational component of decentralized finance (DeFi) remain core priorities.

Curve Finance DEX operates on Ethereum Virtual Machine-compatible sidechains and Layer 2 networks. The platform is designed to facilitate optimized trading of both stablecoins and volatile cryptocurrency assets. In addition to liquidity services, Curve has launched crvUSD, an over-collateralized stablecoin supported by a distinct liquidation mechanism. The protocol also provides application programming interfaces (APIs) for accessing detailed pool data and allows for the permissionless creation of new liquidity pools.

