Balancer calls .fi domains unsafe after regaining access to front end
DeFi protocol Balancer asserts .fi domains risk after suffering a devastating DNS attack and potential social engineering scam.
The decentralized finance (DeFi) protocol Balancer has reportedly regained control over its domain after losing approximately $240,000 due to a frontend compromise due to a Domain Name Service (DNS) attack. Balancer made the statement confirming it had regained access via X on Sept 20.
The DNS attack led to the theft of significant digital assets. The breach occurred when Balancer’s front end was compromised, leading the protocol to advise users against interacting with its interface.
On Sept 20, Balancer had stated, “We are actively addressing the current DNS attack and are working with all relevant parties to ensure the full recovery of the Balancer UI. In the meantime, please DO NOT interact with http://balancer.fi or http://app.balancer.fi until further notice.”
Upon investigation, it was discovered that this was a targeted act of social engineering on EuroDNS, the domain registrar used for .fi TLDs. In the aftermath of this security breach, Balancer is considering deprecating the .fi TLD to move to a more secure registrar and suggests other projects using the TLD do the same.
Further, the project recommended that other platforms also migrate away from .fi domains.
“We are exploring deprecating the .fi TLD in order to move to a more secure registrar and suggest that other projects using the TLD do the same.”
Balancer has now confirmed,
“We can confirm that the domain is now secure and back under the control of the Balancer DAO.
http://app.balancer.fi and other http://balancer.fi subdomains are SAFE to use.”