Binance recovers $450K stolen from Curve DNS Hack
Binance CEO Changpeng Zhao murmured On August 12th, the exchange identified and froze 83% of funds stolen from Curve Finance after hackers attempted to launder money through Binance.
Binance has frozen/recovered $450,000 of Curve’s stolen funds, representing over 83% of the hack. We are working with LE to return funds to our users. Hackers kept sending funds to Binance in various ways, thinking we wouldn’t be able to catch it.😂#SAFU https://t.co/Ekea9moeAw
— CZ🔶 Binance (@cz_binance) August 12, 2022
Binance is currently working with the appropriate law enforcement agencies to return the funds to users.
DNS Exploit Timeline
Curve Finance lost over $570,000 to hackers who hijacked its DNS on August 9th. DNS spoofing cloned the Curve website, created a DNS route to the IP where the cloned website was deployed, and added an authorization request to the malicious contract.
🚨🚨🚨@Curve Finance Your front end is at risk. Do not use until further notice.
— samczsun (@samczsun) August 9, 2022
There was an initial limitation for users in certain regions, but a quick response from the Curve team resolved the issue. Users will have free access after August 10th. curve.fi website.
Finally, the DNS settings for https://t.co/vOeMYOTq0l It propagates everywhere, so it can be safely used anywhere on the planet.https://t.co/UKYBuunAhY The chain-specific site was updated much earlier.
— Curve Finance (@CurveFinance) August 10, 2022