{"id":63412,"date":"2022-06-24T11:41:54","date_gmt":"2022-06-24T08:41:54","guid":{"rendered":"https:\/\/forklog.com\/en\/?p=63412"},"modified":"2025-09-06T08:52:27","modified_gmt":"2025-09-06T05:52:27","slug":"hacker-hijacked-convex-finance-dns-server","status":"publish","type":"post","link":"https:\/\/forklog.com\/en\/hacker-hijacked-convex-finance-dns-server\/","title":{"rendered":"Hacker hijacked Convex Finance DNS server"},"content":{"rendered":"<p>An attacker hijacked control of <a href=\\\"https:\/\/ru.wikipedia.org\/wiki\/DNS\\\">DNS<\/a>-server of the DeFi protocol Convex Finance to prompt users to approve malicious smart contracts. The project team is assessing the potential damage.<\/p>\n<blockquote class=\\\"twitter-tweet\\\" data-lang=\\\"en\\\">\n<p lang=\\\"en\\\" dir=\\\"ltr\\\">Investigation is still ongoing, but a quick update for the community:<br \/>\u2014 DNS for <a href=\\\"https:\/\/t.co\/5rSUjMgY4u\\\">https:\/\/t.co\/5rSUjMgY4u<\/a> was hijacked, prompting users to approve malicious contracts for some interactions on the site.<br \/>\u2014 Funds on verified contracts are unaffected.<\/p>\n<p>\u2014 Convex Finance (@ConvexFinance) <a href=\\\"https:\/\/twitter.com\/ConvexFinance\/status\/1540104036229185536?ref_src=twsrc%5Etfw\\\">June 23, 2022<\/a><\/p><\/blockquote>\n<p> <script async src=\\\"https:\/\/platform.twitter.com\/widgets.js\\\" charset=\\\"utf-8\\\"><\/script><\/p>\n<p>An attacker hijacked the DNS server of the DeFi protocol Convex Finance to prompt users to approve malicious smart contracts. The project team is assessing the potential damage.<\/p>\n<p>The developers stressed that funds on verified contracts were not affected. However, at least five addresses interacted with the malicious contract. Its owners were urged to come forward.<\/p>\n<p>As of this writing, the investigation remains ongoing. Convex Finance has promised to publish further details later.<\/p>\n<p>The project&#8217;s CVX token did not react to the incident. In the last 24 hours the asset rose by 2% (<a href=\\\"https:\/\/www.coingecko.com\/en\/coins\/convex-finance\\\">CoinGecko<\/a>). CVX is trading around $4.60 \u2014 more than 92% below its January 2022 all-time high of $60.<\/p>\n<figure class=\\\"wp-block-image\\\"><img decoding=\\\"async\\\" src=\\\"https:\/\/lh4.googleusercontent.com\/zJtEBs9G6VGUfGh4zDoYR4LZ93AIBRwGrULzGR5fylThQetbAGBK_bd9tNS5ZP-kVhEWMydjBpF4_dsSH6fr5un1XSLra5GaObA8NOvpYk4YACYBuIJDt4EPIw2en-uZ_b3vLBlhCHknOfypkA\\\" alt=\\\"Hacker attacked the DNS server of the Convex Finance project\\\"\/><figcaption>Hourly CVX\/USD chart on Kraken. Data: TradingView.<\/figcaption><\/figure>\n<p>In April, the Convex Finance team <a href=\"https:\/\/forklog.com\/en\/news\/convex-finance-fixes-bug-that-could-have-endangered-15-billion\">patched the vulnerability<\/a>, potentially threatening a loss of $15 billion. The bug was identified by OpenZeppelin researchers.<\/p>\n<p>Follow ForkLog&#8217;s Bitcoin news on our <a href=\\\"https:\/\/telegram.me\/forklog\\\" target=\\\"_blank\\\" rel=\\\"nofollow noopener\\\">Telegram<\/a> \u2014 cryptocurrency news, rates and analytics.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>An attacker hijacked the DNS server of the DeFi protocol Convex Finance to prompt users to approve malicious smart contracts. The project team is assessing the potential damage.<\/p>\n","protected":false},"author":1,"featured_media":63413,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"select":"1","news_style_id":"1","cryptorium_level":"","_short_excerpt_text":"","creation_source":"","_metatest_mainpost_news_update":false,"footnotes":""},"categories":[3],"tags":[1154,2242],"class_list":["post-63412","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news-and-analysis","tag-crimes","tag-domain-name-system"],"aioseo_notices":[],"amp_enabled":true,"views":"28","promo_type":"1","layout_type":"1","short_excerpt":"","is_update":"","_links":{"self":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/63412","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/comments?post=63412"}],"version-history":[{"count":1,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/63412\/revisions"}],"predecessor-version":[{"id":63414,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/posts\/63412\/revisions\/63414"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media\/63413"}],"wp:attachment":[{"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/media?parent=63412"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/categories?post=63412"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/forklog.com\/en\/wp-json\/wp\/v2\/tags?post=63412"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}