• Curve Finance DNS hijack redirected users to a malicious clone site.
• CRV price has slid about 7.7% as investors panicked and dumped tokens.
• Curve Finance plans migration from DNS to ENS to enhance front-end security.

Late on May 12, Curve Finance warned in an X post that its “curve.fi” domain might be hijacked, and users were urged to avoid the site altogether.

Seems like https://t.co/vOeMYOTq0l DNS might be hijacked. Don’t interact!

— Curve Finance (@CurveFinance) May 12, 2025

According to an update issued by Curve Finance on X, the attackers rerouted the official Curve website’s DNS entries to a front-end clone designed to drain wallets through a deceptively simple drainer link embedded in the page.

While the platform’s smart contracts remain unaffected and secure, the compromised domain now points to an IP address controlled by malicious actors.

Wallet providers such as Phantom swiftly responded by blocking the “curve.fi” address and displaying prominent warnings to users attempting to connect.

Following the attack, Curve Finance has opened a full investigation, engaging security partners and its domain registrar to recover control and restore the genuine site.

Curve DAO (CRV) token price dips

In the wake of the DNS attack, CRV’s price has slipped to around $0.7231 on the CoinMarketCap live chart, marking a 7.7% decline over the past 24 hours as panic spread among investors.

As the price drops, trading volume has surged to over $188 million as holders raced to exit positions amidst the unfolding security crisis.

In addition, the token’s market capitalisation has fallen to roughly $973.1 million, underscoring the tangible impact of off-chain vulnerabilities on on-chain assets.

Although Bitcoin’s own retreat from $105,000 to $102,000 contributed to some downward pressure, analysts agree that the DNS incident served as the primary catalyst for the Curve DAO (CRV) sell-off.

Technical indicators show CRV revisiting price ranges last seen prior to the recent China-US trade deal, reflecting heightened volatility and investor concern.

It’s the second time Curve Finance is facing a DNS attack

The May 13 attack marks Curve Finance’s second front-end DNS breach, following a similar incident in July 2023 when around $61 million was siphoned before containment.

On that occasion, Binance froze more than $450,000 after the culprit attempted to launder funds through its exchange, while Fixed Float recovered about 112 ETH.

Curve subsequently changed DNS providers and advised users to revoke all approvals tied to the compromised domain, but front-end risk remained unaddressed.

The protocol’s social media channels have also been targeted, with its X account briefly hijacked on May 5 to post phishing links before being reclaimed on May 6.

Yesterday, the official @CurveFinance X account was compromised. As you already know, access has been fully restored.

To clarify: the incident was limited strictly to the X account. No other Curve accounts were affected. No security issues were found on our side, no user funds… https://t.co/8bci75uZGr

— Curve Finance (@CurveFinance) May 6, 2025

While Curve Finance has reiterated that no user funds were impacted, the cumulative sequence of breaches has eroded user trust in the platform’s external infrastructure.

Users have voiced frustration at Curve’s inability to secure its public-facing layers despite robust on-chain protocols, with one commenter noting that “secure contracts don’t matter much when the domain itself is the weak link.”

Security experts emphasise that front-end vulnerabilities pose existential risks for DeFi, as wallet connections and transaction approvals are mediated through user interfaces.

Industry peers are monitoring Curve’s remediation efforts closely, understanding that a successful ENS migration could set a new standard for protocol security.

Meanwhile, investors are watching CRV’s performance for signs of recovery or further downside, with broader market conditions also playing a critical role.

Curve Finance to move from DNS to ENS

In response to the latest attack, Curve Finance confirmed plans to ditch traditional DNS in favour of the Ethereum Name Service (ENS) for its human-readable addresses.

Unlike DNS, ENS utilises smart contracts on Ethereum’s blockchain to manage naming, eliminating reliance on centralised registrars and hosting providers.

By transitioning to ENS, Curve aims to bolster front-end security and minimise the attack surface that allowed malicious actors to hijack its domain.

The switch to “curve.finance” under ENS governance represents a structural shift toward decentralisation beyond simply smart contracts.

As Curve Finance diligently works to restore its official website and complete its ENS transition, CRV’s price trajectory remains uncertain in the near term.

For now, CRV investors must navigate heightened volatility and evolving security measures as Curve Finance battles back from another front-end exploit.

• Starknet community approved a dynamic minting curve for STRK tokens.
• The minting curve adjusts token supply based on staking participation levels.
• Starknet Foundation can modify minting parameters to manage inflation and rewards.

The Starknet community has successfully passed a proposal to implement a dynamic minting curve for STRK tokens, a significant move to balance staking incentives with token supply.

Nearly 98.94% of voters supported the new staking mechanism, which aims to offer more control over token inflation while incentivizing user participation. It makes Starknet the first major Ethereum Layer 2 (L2) to roll out staking functionality.

The new minting curve included in the approved proposal is based on “Proposal 2” by Professor Noam Nisan, with slight modifications. It will adjust the minting rate according to staking participation levels.

James Strudwick, executive director of the Starknet Foundation, described the approval as a game-opCEO of StarkWare, and echoed these sentiments, noting that the approval “gives the community a real stake — both literally and figuratively — in its future.”

How the dynamic minting curve works

The dynamic minting curve will adjust the token minting rate (M) based on the staking rate (S) and a constant (C), initially set at 1.6. The formula allows the token supply to be fine-tuned according to how many users are staking, preventing inflation when staking levels are high and encouraging participation when engagement is low.

Additionally, the Starknet Foundation or a designated monetary committee will be responsible for adjusting the minting parameters. This includes the ability to modify the constant (C) within a range of 1.0 to 4.0, depending on staking trends.

Any changes to minting rates will require public announcements and a two-week notice period for community review, ensuring transparency.

With this dynamic system in place, Starknet hopes to foster a more engaged community and incentivize long-term network participation, helping to ensure the stability and growth of the platform.

A sudden and dramatic crash in the value of Curve Finance’s native token, CRV, has resulted in substantial losses for bullish investors and the platform’s founder, Michael Egorov. Blockchain analysis platform Arkham reported that Egorov faced liquidations totaling $140 million in CRV.

Curve Finance Founder Egorov Liquidated

In a social media post on X (formerly Twitter), Arkham confirmed that Egorov’s lending position worth nine figures was liquidated across five protocols due to the price of CRV dropping below his liquidation threshold. 

Related Reading

Egorov’s accounts incurred over a million dollars of bad debt on Curve’s Llamalend, which he managed to clear by receiving $6 million USDT. Additionally, Egorov experienced a $5 million liquidation on UwU Lend while making repayments on Inverse to mitigate further losses.

On June 13, Curve contributor Saint Rat revealed that the protocol had incurred $11.5 million in bad debt, which could be resolved if the price of CRV rises to $0.33. Egorov expressed his commitment to working with the Curve Finance team to address the bad debt situation and protect users from its impact.

Proposal To Burn 10% Of CRV Tokens

In response to the crisis, Egorov proposed burning 10% of the total CRV supply to stabilize the token’s price. He also announced that active voters would receive a three-month boost on deposit rewards across all Curve platforms, aiming to incentivize participation and strengthen the ecosystem. Egorov also stated:

The Curve Finance team and I have been working to solve the liquidation risk issue which happened today. Many of you are aware that I had all my loans liquidated. Size of my positions was too large for markets to handle and caused 10M of bad debt. Only CRV market on lend.curve.fi (where the position was the biggest) was affected. I have already repaid 93%, and I intend to repay the rest very shortly. It will help users not to suffer from this situation.

Related Reading

Interestingly, this recent episode is not the first time Egorov has faced significant liquidations. Last year, he borrowed $60 million worth of loans from Aave, which posed a risk of bad debt in the event of liquidation. 

To address this, Gauntlet, a risk management firm, recommended freezing Aave’s v2 CRV market to minimize protocol risks. In a subsequent private deal, Egorov sold 106 million CRV for $46 million to repay most of his debts on Aave and other lending platforms, ultimately settling his debt to Aave with an $11 million USDT deposit in September.

Before the market crash, CRV was trading at $0.3582. However, it plummeted nearly 40%, hitting an all-time low of $0.2220. 

Since then, the token has recovered and is currently trading at $0.2880. This recovery has helped to mitigate the losses incurred within the 24-hour timeframe, reducing them to 22%.

Featured image from DALL-E, chart from TradingView.com