The DeFi protocol built on top of the Curve DEX liquidity pool, Convex Finance, sets up new website addresses or URLs following a DNS hijack attempt.
Today, the Convex Finance team announced that users were compelled to approve malicious contracts for some site interactions once the DNS for the platform got hijacked.
The funds on verified contracts are allegedly unaffected, according to the Convex Finance team.
Along with encouraging people to get in touch with the Convex team, Convex also published a list of the five addresses that have approved the malicious contracts.
Around an hour later, Convex Finance tweeted about an alternate domain that has been set up as a precaution for Convex users: Domain1 and Domain2.
While the DNS hijack investigation is ongoing, users are encouraged to interact with the site using these alternate URLs.
Meanwhile, a wallet marked as “Convex Phisher Deposits” by Etherscan sent just under $1,000 worth of USD Coin and CRV through Uniswap. The wallet seems to have acquired minor amounts of crypto from impacted users.
Convex Finance says that the problem has been resolved for now, and a detailed report about the event will be published later.
This is not the first-time Convex Finance has come under such a threat. In April, Convex Finance fixed the $15 billion rug pull vulnerability uncovered by blockchain security firm OpenZeppelin.
DeFi protocols are constant victims of phishing attacks with bad actors waiting for an opportunity to exploit some vulnerability in the platform. Just yesterday, Harmony Protocol suffered a $100M loss as the hacker exploited a vulnerability on its Horizon Bridge.
