The Balancer DeFi Protocol Faces Attack and Theft
The decentralized finance (DeFi) protocol Balancer recently experienced a security breach, leading to the theft of approximately $238,000 worth of cryptocurrency assets. The protocol quickly alerted its users not to interact with its user interface (UI) until further notice. While the team is investigating the issue, there have been no updates provided yet.
Confirmation of a DNS Hijacking Attack
Blockchain security firm PeckShield reported that the attacker behind the breach swapped 15.4 ETH for around 2,730 AVAX tokens and transferred them to the Mexc exchange. Industry commentator Colin Wu suggested that a DNS hijacking attack might be responsible for the incident, but this has yet to be confirmed. Visitors to the balancer.fi website were also warned by MetaMask that it could potentially be deceptive.
Cyclop’s Account of the Attack
A web3 analyst known as “cyclop” discovered that their website had been injected with a malicious program called Drainer, which deducts tokens from wallets. They urged users to disconnect all wallets as a precautionary measure and expressed frustration over Balancer’s lack of response.
Minimal Impact on BAL Price and Total Value Locked
Following the attack, BAL token prices briefly spiked before experiencing a small drop. However, the full impact on BAL prices is yet to be seen. Despite this incident, Balancer’s total value locked remains at $710 million, unaffected by the breach.
Hot Take: Balancer Faces Second Security Incident in Recent Months
This recent security breach marks the second time in just a few months that Balancer has faced vulnerabilities and potential exploits. In August, the protocol received a critical vulnerability report related to V2 Pools, and a potential exploit was also warned against in January. Balancer’s ability to address these security challenges will be crucial for maintaining user trust and securing its position in the DeFi space.
By
By
By
By
By
By