- Balancer DeFi reports a second security breach within a month.
- Approximately $238,000 in cryptocurrency stolen during the attack.
- User funds held in the protocol may not be affected; investigation ongoing.
Balancer, the decentralized finance (DeFi) protocol built on Ethereum, finds itself confronting yet another security breach, less than a month after enduring a similar incident.
The platform issued an alert to its users after detecting an intrusion into its frontend, urging them to abstain from engaging with the Balancer user interface until further notice.
This breach came to light on September 19th, around 11:49 pm UTC, raising concerns within the user community and the wider DeFi sphere.
The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!
— Balancer (@Balancer) September 19, 2023
While the extent of the attack is still being probed, blockchain security firms such as PeckShield and blockchain analyst ZachXBT estimate that roughly $238,000 worth of cryptocurrency has been misappropriated.
Stolen funds are being directed to this address
~$238k stolen so far pic.twitter.com/rwMybBaLoA
— ZachXBT (@zachxbt) September 20, 2023
The attackers‘ method appears to revolve around seizing control of the Balancer domain, Balancer.fi. Those who visited the compromised website were prompted to authorize a malicious contract, unwittingly facilitating the siphoning of their digital assets. Reports from affected users suggest that this deceitful approach has proven highly effective.
Despite the ongoing investigation, Cosme Fulanito, a contributor to Balancer, has provided some assurance that the protocol’s vault remains intact, indicating that user funds within the protocol may not have been compromised. However, official confirmation from the company is still pending.
This latest security breach follows closely on the heels of a troubling incident in August when Balancer’s vulnerability was exposed. After warning users about a critical vulnerability, the platform suffered an estimated $2 million exploit linked to the same weakness just days later. While mitigation measures were implemented to reduce risks, the affected liquidity pools could not be paused, necessitating an urgent withdrawal advisory for users.
Learning from the previous incident, the Balancer team has moved swiftly to investigate and contain the breach. Users are now strongly advised to exercise extreme caution, refraining from any interaction with the platform’s user interface until the situation is resolved, underscoring the perpetual challenge of maintaining security and trust within the DeFi ecosystem.
Disclaimer: The views and opinions expressed by the author, or any people mentioned in this article, are for informational purposes only, and they do not constitute financial, investment, or other advice. Investing in or trading cryptoassets comes with a risk of financial loss.