DeFi protocol Balancer suffers $240k loss in front end compromise spurred by DNS attack DeFi protocol Balancer suffers $240k loss in front end compromise spurred by DNS attack
Balancer has advised users not to interact with its frontend until further notice.
2 min read
Updated: Sep. 20, 2023 at 1:42 pm UTC
Cover art/illustration via CryptoSlate. Image includes combined content which may include AI-generated content.
Around $240,000 worth of digital assets have been stolen through a frontend compromise of DeFi protocol Balancer, according to blockchain security firm Peckshield.
Earlier today, Balancer confirmed that its front end was under attack and urged users to avoid interacting with the interface until further notice.
An update from the protocol’s DAO revealed that the compromise was caused by a Domain Name Service (DNS) attack. It wrote:
“The Balancer DAO is actively addressing the current DNS attack and is working with all relevant parties to ensure the full recovery of the Balancer UI. In the meantime, please DO NOT interact with balancer.fi or app.balancer.fi until further notice.”
CryptoSlate attempt to reach the website showed that MetaMask has flagged it as a “potentially deceptive” site.
On-chain sleuth ZachXBT corroborated the stolen amount, sharing an image of the attacker’s address.
The address identified by ZachXBT came to life approximately ten hours ago, and certain transactions associated with it have been tagged as “scams.” Additionally, the wallet’s balance currently contains $152,000 worth of assets.
One Balancer user, Defi_Hanzo, explained how the attack occurred on the website. Hanzo stated:
“Website spams with “Switch to BSC/ETH/Avalanche”, you switch, then some transaction pop up, you confirm it by accident (because u r on balancer and what can go wrong) and boom, money gone”
However, Balancer has maintained that its smart contract remains unaffected by the compromise.ย
Meanwhile, the attack comes less than a month after the DeFi project lost almost $1 million worth of assets to a compromise of its V2 pools. At the time, the project advised its users to withdraw their funds from the affected pools to prevent further attacks.
Author 
Oluwapelumi Adejumo
Oluwapelumi values Bitcoin's potential. He imparts insights on a range of topics like DeFi, hacks, mining and culture, underlining transformative power.
Editor Editor 
Liam 'Akiba' Wright
Also known as "Akiba," Liam is a reporter, editor and podcast producer at CryptoSlate. He believes that decentralized technology has the potential to make widespread positive change.
In this article
Ethereum is a decentralized, open-source blockchain platform that enables the creation of smart contracts and decentralized applications (DApps).
