The curve.finance web site was DNS hijacked on 2022-08-09 and a new smart contract that drains victims wallets if accepted is being served. Previously the DNS was registered through GoDaddy. The attack was partially mitigated through a white hat hacker that executed a SYN flooding attack against the new IP addresses serving the malicious smart contract, limiting the ability for victims to connect and be attacked.