DeFi Protocol Balancer Exploited Again, Losing $238,000

The decentralized finance (DeFi) protocol Balancer has been attacked in what appears to be the latest industry exploit. The protocol alerted users of the incursion, warning them not to interact with it.

On September 20, Balancer alerted users that its front end was under attack. “The issue is currently under investigation,” it noted around five hours ago. 

Balancer DeFi Website Compromised 

The team warned users not to “interact with the Balancer UI until further notice!” There were no further updates from the Balance X (Twitter) feed at the time of writing. 

However, blockchain security firm PeckShield reported that $238,000 worth of crypto assets had been stolen in the attack

Crypto sleuth ZachXBT confirmed the amount, posting an image and the attacker’s address.

Screenshot from Balancer attack. Source: X/@zachxbt
Screenshot from Balancer attack. Source: X/@zachxbt

In its most recent update, PeckShield noted the Balancer frontend attacker had swapped 15.4 ETH for around 2,730 AVAX and transferred them to the Mexc exchange.

Industry commentator Colin Wu reported that a DNS hijacking attack had hit Balancer, but confirmation of this remains pending.

However, visiting the balancer.fi website generated a red flag for those that have MetaMask installed. 

“MetaMask flagged the site you’re trying to visit as potentially deceptive. Attackers may trick you into doing something dangerous.”

Screenshot from compromised Balancer website. Source: BeInCrypto/Balancer.fi 
Screenshot from compromised Balancer website. Source: BeInCrypto/Balancer.fi 

Web3 analyst “cyclop,” said their website had been “injected with Drainer,” a malicious program that deducts tokens from wallets. They added:

“Website is generating approval transactions that enable a malicious contract to transfer all of your funds.”

As a precaution, users should disconnect all wallets. Cyclop expressed disapproval that Balancer had yet to make a statement on the situation:

“Very strange that Drainer is embedded in the actual Balancer website, looks like an exit scam. Balancer needs some kind of response to what’s happening!”

BAL Price Unmoved

BAL prices spiked to $3.45 before dumping to $3.27 in the hours following the attack. However, BAL is only down around 2% on the day as the full fallout has yet to take effect. 

Balancer BAL Price Chart. Source: BeInCrypto
Balancer BAL Price Chart. Source: BeInCrypto

The DeFi token has lost a whopping 95% since its May 2021 peak, however. 

Moreover, the protocol’s total value locked was unaffected by the attack and remained at $710 million, according to DeFiLlama

It is the second time in as many months for the DeFi liquidity protocol. On August 22, Balancer Labs stated that it had received a critical vulnerability report affecting a number of V2 Pools. It also warned of a potential exploit in January. 

Disclaimer

In adherence to the Trust Project guidelines, BeInCrypto is committed to unbiased, transparent reporting. This news article aims to provide accurate, timely information. However, readers are advised to verify facts independently and consult with a professional before making any decisions based on this content.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *