Convex Finance Launches Two URLs After Spoofing Exploit
The Domain Name Server (DNS) of the decentralized staking platform, Convex Finance, was targeted in the latest spoofing exploit.
Angel investor Alexintosh first flagged that Convex Finance was asking for user approval to an unverified smart contract address on July 23rd.
This suggested that a malicious entity may have sneaked into Convex Finance’s website to carry out a DNS spoofing attack.
Following the incident, the staking platform confirmed the hijack of its DNS that led users to unassumingly approve malicious contracts for some interactions on the website.
Convex then announced setting up two alternative domain names and asked users to use these URLs to interact with the site while they conduct the investigation.
The platform marked five wallets affected by the exploit. The team, however, revealed that funds on verified contracts were not affected.
The exploiter sent the stolen funds to a “Convex Phisher Deposits” flagged wallet flagged that shows a small amount of crypto from the affected users before moving most of it to the coin mixer, Tornado Cash, to hide the tracks.
Convex Finance said that it will publish a detailed post-mortem report soon.
Furthermore, a crypto tracking and compliance platform MistTrack revealed that Ribbon Finance, a decentralized structured products protocol, also suffered a DNS hijacking attack, wherein a victim reportedly lost 16.5 WBTC. On-chain analysis suggests that it was the same attacker as Convex.
Binance Free $100 (Exclusive): Use this link to register and receive $100 free and 10% off fees on Binance Futures first month (terms).
PrimeXBT Special Offer: Use this link to register & enter POTATO50 code to receive up to $7,000 on your deposits.