Binance has announced that it has seized assets worth around $450,000 that is linked to the Curve Finance exploit that occurred a few days prior. This is the second large-scale seizure of funds linked to the exploit, with Fixed Float seizing around $200,000 worth of assets that the hackers deposited.
A Significant Chunk Of Funds Recovered
Binance CEO took to Twitter to announce that the exchange had managed to freeze a significant chunk of the funds stolen from the Curve Finance exploit earlier in the week. Binance CEO Changpeng Zhao shared an update on Twitter about the seized funds, stating that the exchange seized around $450,000 worth of stolen assets deposited by the hacker.
According to Zhao, the seized funds represent around 80% of the funds stolen from Curve Finance during the exploit. He further added that the exchange is working with law enforcement to ensure that the funds are returned. Curve is yet to comment on the recovery of the funds by Binance.
“Binance froze/recovered (sic) $450k of the Curve stolen funds, representing 83%+ of the hack. We are working with [law enforcement] to return the funds to the users. The hacker kept on sending the funds to Binance in different ways, thinking we can’t catch it.”
Second Seizure Related To Curve Exploit
Binance’s seizure makes this the second seizure of assets linked to the Curve Finance exploit that took place earlier in the week. Previously, several reports emerged stating that Fixed Float, a Lightning Network-based exchange, had frozen $112 ETH (around $200,000) linked to the Curve exploit. The depositor had deposited the funds in the hope of laundering them and going scot-free with the exploit. As a result, the total funds recovered linked to the exploit have crossed $650,000.
The Curve Finance Exploit
Curve Finance had on Tuesday reported a significant breach in which the protocol’s front end was compromised thanks to a DNS attack, also known as cache poisoning. This allows the attacker to spoof the original webpage and trick users into entering their details into a malicious contract. When users interact with the contract and enter their information, hackers are able to drain their wallets. After the exploit, the hacker transferred a significant chunk of the stolen funds to Binance and Fixed Float, where the exchanges could freeze the funds.
Curve had issued a warning to users after the exploit, stating,
“What has happened strongly suggests to start moving to ENS instead of DNS.”
The warning also suggested that ENS (Ethereum Name Service) could provide better security against front-end attacks.
Disclaimer: This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.
This post was originally published here.