Curve Finance announced a change to its domain name following a DNS hijack incident that could have led to a phishing attack.
Reasons for Domain Change
The platform stated that it changed its domain from Curve.fi to Curve.finance due to prolonged downtime and inadequate support from the .fi domain registrar. The Curve team confirmed that there was no point in reverting back to the old domain as the support from the new registrar is deemed better.
Security of Funds and Systems
A spokesperson for Curve Finance confirmed that none of the platform's password protections or 2FA systems were compromised. All funds were secured during and after the incident, with internal systems and smart contracts also remaining unaffected. The violation was strictly limited to the DNS layer and did not involve unauthorized access to internal infrastructure.
Next Steps for the Team
Currently, the incident is under investigation. Curve Finance is working to identify how the breach occurred and is cooperating with security partners and its new domain registrar to restore normal operations. The team stated that updates will be shared as more information becomes available.
As a result of proactive security measures, Curve Finance has ensured the safety of its funds and functionality of its services, and intends to continue providing timely updates to its users.
