Ethereum-based automated market maker (AMM) and decentralized finance (DeFi) protocol Balancer has recently suffered a front-end attack on its website, and blockchain sleuths are saying that more than $200K were stolen.
In the early hours of Wednesday, September 20, the official X account of Balancer announced that the protocol website was under attack and asked users to interact with the user interface (UI) of the Balancer app until further notice.
The announcement reads:
“The balancer front-end is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!”
The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!
— Balancer (@Balancer) September 19, 2023
$238K Have Been Stolen So Far from The DeFi
As of writing, the Balancer team has not provided any update on whether users’ funds are safe. According to the Balancer Discord channel, the protocol’s smart contracts are safe as only the front end is compromised. They are suggesting a Domain Name Service (DNS) attack, which involves redirecting the IP address of a website to another URL address.
Another DeFi platform, Exponential DeFi, confirmed this, saying that the Balancer domain name was hijacked and was prompting users to approve a malicious contract that would drain users’ wallets. Experimental DeFi wrote:
“@Balancer’s domain has been hijacked and its prompting users to approve a malicious contract that will drain your wallet. As far as we can tell, protocol funds are safu, and the issue is limited to the hijacked front-end.”
As far as we can tell, protocol funds are safu and the issue is limited to the hijacked front-end. pic.twitter.com/KrBUutj5H0
— Exponential DeFi (@ExponentialDeFi) September 19, 2023
Balancer contributor Cosme Fulanito has reportedly confirmed that Balancer’s vault remains 100% fine. That’s why the protocol team urged users not to interact with the Balancer DeFi app, as only the users who use the app are at risk.
According to blockchain sleuth ZachXBT, the attacker(s) was able to siphon off $238,000, which was redirected to an unknown Ethereum address.
Stolen funds are being directed to this address
~$238k stolen so far pic.twitter.com/rwMybBaLoA
— ZachXBT (@zachxbt) September 20, 2023
This is the second attack on the Balancer DeFi protocol in less than a month. As reported previously in Crypto Economy, on August 24, 2023, the Balancer team asked users to withdraw funds after discovering a vulnerability in some of its V2 liquidity pools (LPs). The swift action by the Balancer team managed to secure more than 80% of the compromised funds.
However, some $5.6 million worth of funds were still in those affected LPs. On August 27, Balancer suffered several flash loan attacks that reportedly were related to the vulnerability found earlier. The attacker(s) was able to bag $2.1 million from these attacks. There has been no more update as the time of writing.
🚨The @Balancer exploiters have gained a total of ~$2.1M
— Beosin Alert (@BeosinAlert) August 29, 2023