Binance recovers $450K stolen from Curve DNS Hack
Binance has identified and frozen 83% of the funds stolen from Curve Finance and is working with law enforcement to return the money to users.
Binance CEO Changpeng Zhao tweeted on August 12 that the exchange has identified and frozen 83% of the funds stolen from Curve Finance after the hacker attempted to launder it through Binance.
Binance froze/recovered $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with LE to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it. 😂#SAFU https://t.co/Ekea9moeAw
— CZ 🔶 Binance (@cz_binance) August 12, 2022
Binance is currently working with the appropriate law enforcement agents to return the funds to the users.
Timeline of the DNS Exploit
Curve Finance lost over $570,000 to hackers who hijacked their DNS on August 9. Through DNS spoofing, the Curve website was cloned and made the DNS route to their IP where the cloned website is deployed and added approval requests to a malicious contract.
🚨🚨🚨@CurveFinance frontend is compromised, do not use it until further notice!
— samczsun (@samczsun) August 9, 2022
A swift response from the Curve team resolved the issues, though there were initial constraints for users in certain regions. As of August 10, users can freely access the curve.fi website.
Finally, DNS settings for https://t.co/vOeMYOTq0l propagated everywhere, so it is safe to use in every location on Earth.https://t.co/UKYBuunAhY and chain-specific sites got updated much earlier.
— Curve Finance (@CurveFinance) August 10, 2022