# curvefi.co — MALICIOUS > curvefi.co is a high-risk phishing domain. Avoid interaction and report suspicious activity to protect your personal data. ## Summary PhishDestroy identifies curvefi.co as a high-risk generic phishing domain designed to deceive users and potentially steal sensitive information. Despite being newly registered on May 7, 2025, the domain has rapidly gained notoriety due to its malicious intent. The domain is associated with phishing campaigns that target unsuspecting victims, often mimicking legitimate financial or cryptocurrency services to lure users into revealing login credentials or private data. curvefi.co is registered through DYNADOT LLC and currently appears on six separate security blocklists, indicating a consensus within the cybersecurity community about its malicious nature. VirusTotal analysis highlights that 15 out of 95 security vendors flag this domain, underscoring its threat potential. The domain's infrastructure is typical of phishing operations, leveraging newly created registrations and evading detection by frequently changing hosting environments or associated URLs. At present, curvefi.co remains active and continues to pose a significant risk to internet users. PhishDestroy strongly advises that users avoid interacting with this domain and exercise caution when receiving unsolicited communications referencing curvefi.co. Organizations should update their security filters to block this domain and educate users about identifying phishing attempts. Prompt reporting of suspicious activity related to this domain to cybersecurity authorities will aid in mitigating potential damage. ## Threat Details - Verdict: MALICIOUS - Site status: alive (HTTP 200) - Target brand: Curve - Page title: Curve Finance ## Domain Intelligence - Registered: 2025-05-07 09:33:16 - Registrar: DYNADOT LLC - Nameservers: ["faye.ns.cloudflare.com", "james.ns.cloudflare.com"] ## Detection Status - VirusTotal: 15 vendors flagged Vendors: ["ADMINUSLabs", "BitDefender", "ChainPatrol", "Chong Lua Dao", "CyRadar", "ESET", "Forcepoint ThreatSeeker", "Fortinet", "G-Data", "Kaspersky", "Lionic", "Seclookup", "Sophos", "VIPRE", "alphaMountain.ai"] - Google Safe Browsing: clean - Blocklists: 6 hits Lists: ["PhishDestroy", "MetaMask", "ScamSniffer", "CryptoFirewall", "SEAL", "Enkrypt"] ## Live Page Content ### Page Text Curve Finance Curve Finance Home Patterns Blog Contact Facebook Instagram Twitter Curve Swap and Exchange Enter to crypto world with curve pool, swap and exchange. This is Curve Finance Curve Curve Finance operates as a decentralized exchange and automated market maker, primarily on the Ethereum blockchain and compatible EVM sidechains/L2s . It specializes in efficient trading of stablecoins and volatile assets. Curve swap Exchange and swap with curve Finance with Curve The world is just too complicated, curve swap and exchange not. Dex Curve With Curve Finance you can do everything Get started today, with curve finance! Curve Copyright 2025 Privacy Policy ### External Scripts - https://crvefi.online/wp-includes/js/dist/script-modules/block-library/navigation/view.min.js?ver=61572d447d60c0aa5240 - https://static.cloudflareinsights.com/beacon.min.js/v8c78df7c7c0f484497ecbca7046644da1771523124516 ### External Links - https://crvefi.online ## Evidence - Cloudflare Radar: https://radar.cloudflare.com/scan/2a251998-94c8-4a36-801b-7f9f01b4ff23 - PhishDestroy: https://phishdestroy.io/domain/curvefi.co/ ## If You Visited This Site 1. Change any passwords you may have entered 2. Enable 2FA on all related accounts 3. Monitor your accounts for unauthorized activity 4. Report to: FBI IC3, Europol, local authorities --- Report by PhishDestroy | https://phishdestroy.io/domain/curvefi.co/ Last updated: 2026-03-14