Curve Finance Suffers Suspected DNS Attack: Users Urged to Avoid Platform as DeFi Frontend Risks Resurface
Curve Finance, one of the largest protocols in decentralized finance (DeFi), has reportedly fallen victim to a DNS hijack, prompting urgent warnings from its team and disrupting related services across the DeFi ecosystem.
In a public alert shared via X (formerly Twitter), the Curve Finance team advised users to immediately refrain from using the platform, citing security concerns tied to unauthorized redirection. Though the full extent of the breach is still being assessed, early reports point to a manipulation of the project’s domain name system (DNS)—a type of cyberattack where traffic is diverted to malicious clones of trusted websites.
The ripple effects were quickly felt. Convex Finance and Resupply, both reliant on Curve’s infrastructure, confirmed that their services experienced interruptions. While both platforms emphasized that their own backends remain uncompromised, they acknowledged that disruptions would persist until Curve's DNS issues are resolved.
DNS hijacking represents a critical threat to DeFi platforms, particularly their web frontends, which—unlike smart contracts—are centralized and therefore more exposed to traditional cyber exploits. In such attacks, unsuspecting users may be directed to counterfeit interfaces that mimic real platforms, potentially resulting in compromised wallets or fraudulent transactions.
Curve Finance has assured users that it is collaborating with affected partners to address the breach and restore full functionality. Meanwhile, DeFi security professionals continue to caution users against signing transactions or interacting with any decentralized apps (dApps) linked to Curve until the situation is fully resolved.
This event underscores a broader vulnerability within the DeFi landscape. While blockchain protocols tout decentralization and transparency, their frontends often remain single points of failure, susceptible to classic cybersecurity threats. As the space matures, security efforts may need to shift beyond contract audits to include robust protections for web infrastructure as well.