Investigation is still ongoing, but a quick update for the community:
- DNS for convexfinance.com was hijacked, prompting users to approve malicious contracts for some interactions on the site.
- Funds on verified contracts are unaffected.
- Issue is remediated at this time, but investigation is ongoing. Full post-mortem to follow.
At this time, 5 addresses seem to have approved malicious contracts (in the tweet below). If you are the owner of one of these addresses, please reach out via Twitter DM or Discord.
List of 5 addresses that have approved malicious contracts:
0x496e53c32a69a79a82ed85d2913010dd2f9d1b4f
0x4ffc5f22770ab6046c8d66dabae3a9cd1e7a03e7
0x5b186c93a50d3cb435fe2933427d36e6dc688e4b
0x624301090700ea1e3c5b5224f89adfae405412c1
0x92557b6ffa116b53cf2c3bc1d6d33f78d97ed4c9
• • •
Missing some Tweet in this thread? You can try to
force a refresh