- Balancer has warned users against interacting with its website’s user interface noting that it has been compromised
- Blockchain security sleuths estimate the amount stolen to be more than $230,000
- Balancer is yet to reveal more information about the attack
DeFi platform Balancer has cautioned users against interacting with its website saying that malicious actors have taken over its frontend. The attack comes less than a month after the platform suffered another incident that cost it almost $1 million. The platform is yet to give a detailed outline of the attack but blockchain security sleuths estimate the amount stolen so far to be more than $230,000, an amount that can be higher as more users unknowingly interact with the website.
Attackers Redirect Balancer Users to a Malicious Contract
Balancer disclosed that it’s investigating the incident with entities associated with the platform saying that funds in the protocol’s vault are not affected. According to blockchain investigators like PeckShield, the amount siphoned from the platform currently stands at approximately $238,000.
#PeckShieldAlert @Balancer has reported that its frontend under an attack, ~$238k worth of cryptos were stolen https://t.co/aAaj0Xqery pic.twitter.com/YDIjfnNYM4
— PeckShieldAlert (@PeckShieldAlert) September 20, 2023
Available details indicate that the malicious actors intend to redirect Balancer users to another smart contract created to withdraw funds from users’ wallets. Some of those who accessed the site noted that opening Balancer’s website prompts you to switch to a blockchain where “you hold the most amount of money.”
DeFi Hackers Employ New Tactics
The attack comes roughly a month after the platform warned users of a vulnerability in its high-interest-paying boosted pools and advised users to withdraw their funds, a notification that saw over $100 million leave the platform. A week later, malicious actors used the vulnerability to steal more than $900,000.
DeFi hackers have been employing no-so-common tactics to get to user funds. In July, for example, they exploited a weakness in some versions of the Vyper programming language and siphoned over $70 million from DeFi platforms such as Curve Finance.
Although Balancer is a leading DeFi platform, frequent attacks are likely to lower its appeal among users leading to a slow demise.
