Convex Finance Launches Two URLs After Spoofing Exploit

Convex Finance Launches Two URLs After Spoofing Exploit

The domain name servers (DNS) of decentralized staking platform Convex Finance have been the target of the latest spoofing attack.

Angel investor Alexintosh first noted on July 23 that Convex Finance requires users to approve an unverified smart contract address. This suggests that malicious entities may have infiltrated Convex Finance’s website to conduct a DNS spoofing attack. Following the incident, the Staking platform confirmed that its DNS had been hijacked, causing users to unceremoniously approve malicious contracts for certain interactions on the site. Convex then announced the setup of two alternate domains and asked users to use those URLs to interact with the site when conducting surveys. The platform flagged five wallets affected by the vulnerability. However, the team revealed that funding for verified contracts was not affected. The exploiters sent the stolen funds to a wallet labeled “Convex Phisher Deposits,” which flagged small amounts of cryptocurrency from affected users, and then moved the bulk of the funds to coin mixer Tornado Cash to hide the trail. Convex Finance said a detailed post-mortem report will be released soon. Additionally, cryptocurrency tracking and compliance platform MistTrack revealed that decentralized structured product protocol Ribbon Finance also suffered a DNS hijacking attack, with victims reportedly losing 16.5 WBTC. On-chain analysis revealed that it was the same attacker as Convex.

Special Offer (Sponsored)
Binance Free $100 (Exclusive): Use this link to sign up and get $100 for free and a 10% fee discount on Binance Futures first month (terms).

PrimeXBT Special Offer: Use this link to sign up and enter code POTATO50 to get a deposit of up to $7,000.


Be the first to comment

Leave a Reply

Your email address will not be published.