CRV staking platform Convex Finance's website DNS hijacked, with five user addresses signing malicious contracts.
The staking platform for Curve governance token CRV, Convex Finance (CVX), announced that its main website http://convexfinance.com has had its DNS hijacked, prompting users to approve a malicious smart contract. The official statement mentioned that five user addresses have signed the malicious contract, but funds in the Convex Finance contract were not affected.
Table of Contents
The staking platform for Curve governance token CRV, Convex Finance CVX, has reported that its main website http://convexfinance.com has had its DNS hijacked, prompting users to approve malicious smart contracts. The official statement mentions that five user addresses have signed the malicious contracts, but the funds in the Convex Finance contract have not been affected.
Currently, Convex Finance is providing alternative domains for users:
Investigation is still ongoing, but a quick update for the community:
– DNS for https://t.co/5rSUjMgY4u was hijacked, prompting users to approve malicious contracts for some interactions on the site.
– Funds on verified contracts are unaffected.— Convex Finance (@ConvexFinance) June 23, 2022