DeFi Protocol Balancer Exploited Again, Losing $238,000
The decentralized finance (DeFi) protocol Balancer has been attacked in what appears to be the latest industry exploit. The protocol alerted users of the incursion, warning them not to interact with it.
On September 20, Balancer alerted users that its front end was under attack. “The issue is currently under investigation,” it noted around five hours ago.
Balancer DeFi Website Compromised
The team warned users not to “interact with the Balancer UI until further notice!” There were no further updates from the Balance X (Twitter) feed at the time of writing.
However, blockchain security firm PeckShield reported that $238,000 worth of crypto assets had been stolen in the attack.
Crypto sleuth ZachXBT confirmed the amount, posting an image and the attacker’s address.
In its most recent update, PeckShield noted the Balancer frontend attacker had swapped 15.4 ETH for around 2,730 AVAX and transferred them to the Mexc exchange.
Industry commentator Colin Wu reported that a DNS hijacking attack had hit Balancer, but confirmation of this remains pending.
However, visiting the balancer.fi website generated a red flag for those that have MetaMask installed.
“MetaMask flagged the site you’re trying to visit as potentially deceptive. Attackers may trick you into doing something dangerous.”
Web3 analyst “cyclop,” said their website had been “injected with Drainer,” a malicious program that deducts tokens from wallets. They added:
“Website is generating approval transactions that enable a malicious contract to transfer all of your funds.”
As a precaution, users should disconnect all wallets. Cyclop expressed disapproval that Balancer had yet to make a statement on the situation:
“Very strange that Drainer is embedded in the actual Balancer website, looks like an exit scam. Balancer needs some kind of response to what’s happening!”
BAL Price Unmoved
BAL prices spiked to $3.45 before dumping to $3.27 in the hours following the attack. However, BAL is only down around 2% on the day as the full fallout has yet to take effect.
The DeFi token has lost a whopping 95% since its May 2021 peak, however.
Moreover, the protocol’s total value locked was unaffected by the attack and remained at $710 million, according to DeFiLlama.
It is the second time in as many months for the DeFi liquidity protocol. On August 22, Balancer Labs stated that it had received a critical vulnerability report affecting a number of V2 Pools. It also warned of a potential exploit in January.
Disclaimer
In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.