DeFi protocol Balancer frontend is under attack, $238K crypto stolen

Brayden Lindrea8 hours agoDeFi protocol Balancer frontend is under attack, $238K crypto stolenThe platform notified its community on Sept. 19 at 11:49 pm UTC, urging users not to interact with Balancer protocol until further notice.2735 Total views28 Total sharesListen to article 0:00NewsJoin us on social networksBalancer, an Ethereum-based decentralized finance protocol, warns users to stay away from its website after an attack on its frontend.

The platform notified its community on Sept. 19 at 11:49 pm UTC, urging users not to interact with the  Balancer user interface until further notice.The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!— Balancer (@Balancer) September 19, 2023

Balancer said the details of the attack are under investigation. The firm hasn’t officially commented on whether user funds were affected, but Balancer contributor Cosme Fulanito has reportedly confirmed that Balancer’s vault remains “100% fine.“

However, blockchain security firms, including PeckShield and blockchain analyst ZachXBT, estimated that at least $238,000 in crypto had been stolen at the time of writing.#PeckShieldAlert @Balancer has reported that its frontend under an attack, ~$238k worth of cryptos were stolen https://t.co/aAaj0Xqery pic.twitter.com/YDIjfnNYM4— PeckShieldAlert (@PeckShieldAlert) September 20, 2023

Some users have been reporting that when interacting with the website, they’re being prompted to approve a malicious contract that drains users’ wallets.Risk alert @Balancer 's domain (https://t.co/Ikuh2PEJrv) has been hijacked and its prompting users to approve a malicious contract that will drain your wallet.

As far as we can tell, protocol funds are safu and the issue is limited to the hijacked front-end. pic.twitter.com/KrBUutj5H0— Exponential DeFi (@ExponentialDeFi) September 19, 2023

One industry pundit explained what other users have reportedly experienced:“If you open the website it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation money are gone. Don’t open the website!!!”

Users attempting to access the Balancer website is met with a warning sign:Balancer’s website as of Sept. 20 at 1:04 am UTC. Source: Balancer

Related:Breaking: ‘All funds are at risk" — Steadefi exploited in ongoing attack

This is the second attack on Balancer in less than a month after it warned of a critical vulnerability on Aug. 22, suffering an estimated $2 million exploit related to the vulnerability just days later.

“Balancer is aware of an exploit related to the vulnerability below,” the protocol’s team posted on X (formerly Twitter) on Aug. 27, adding that while mitigation measures taken in recent days had drastically reduced risks, affected pools could not be paused.

“To prevent further exploits, users must withdraw from affected LPs,” it advised. 

Magazine: Recursive inscriptions: Bitcoin ‘supercomputer’ and BTC DeFi coming soon# Altcoin# Hackers# Scams# Hacks# DeFiAdd reactionAdd reactionRead moreHow to actually spend your Bitcoin, ExplainedHuman vs. AI: Who is better at crypto investing?Decentralized finance needs alternatives to blockchain