Balancer DeFi Protocol Suffers Attack: $238,000 in Crypto Assets Stolen
Crypto News – On September 20, the Balancer decentralized finance (DeFi) protocol faced a significant attack, prompting an urgent warning to users to avoid interacting with the compromised platform.
Balancer alerted its user base about the ongoing assault, indicating that their front end was under attack and that the matter was actively being investigated.
The DeFi Community Shocked by Balancer Compromise
The Balancer team advised users to refrain from interacting with the Balancer user interface until the situation was resolved. However, no further updates were provided through their official communication channels at the time of writing.
Security Firm PeckShield Reports Substantial Losses
Blockchain security firm PeckShield disclosed that approximately $238,000 worth of cryptocurrency assets were pilfered during the attack. This information was corroborated by crypto investigator ZachXBT, who shared details about the stolen amount and the attacker’s wallet address.
In their latest update, PeckShield reported that the attacker had swapped 15.4 ETH for approximately 2,730 AVAX and subsequently transferred these funds to the Mexc exchange.
Potential DNS Hijacking and Deceptive Website Warning Industry commentator Colin Wu speculated that a DNS hijacking attack might have targeted Balancer, although this remains to be officially confirmed. Users attempting to visit the balancer.fi website with MetaMask installed received a red flag warning, cautioning them about potential deceptive practices by attackers.
Web3 Analyst Exposes Malicious Program and Urges Caution A web3 analyst identified as “cyclop” revealed that the Balancer website had been injected with a malicious program named “Drainer.” This program deducts tokens from users’ wallets by generating approval transactions that enable a malicious contract to transfer all funds. As a precautionary measure, users were urged to disconnect all wallets from the compromised platform.
Community Concerns and Financial Impact
Expressing dissatisfaction with Balancer’s lack of a timely response, cyclop raised suspicions of a potential exit scam due to the presence of the Drainer malware on the official Balancer website.
Despite the attack, the price of the BAL token experienced a minor dip, only decreasing by around 2% for the day. The DeFi token has seen a substantial decrease of 95% from its peak in May 2021. Remarkably, the total value locked in the Balancer protocol remained unaffected and stood at $710 million, as reported by DeFiLlama.
This incident marks the second security breach within a few months for the Balancer DeFi liquidity protocol. An earlier critical vulnerability was reported on August 22, affecting multiple V2 Pools, with a prior potential exploit warning issued in January.
Leave a comment