DeFi protocol Balancer frontend is under attack, $238K crypto stolen


Balancer, an Ethereum-based decentralized finance protocol is warning users to stay away from its website, after an attack on its frontend. 

The platform notified its community on Sept. 19 at 11:49 pm UTC, urging users to not interact with the  Balancer user interface until further notice.

Balancer said the details of the attack are under investigation. The firm hasn’t officially commented on whether user funds were affected, but Balancer contributor Cosme Fulanito has reportedly confirmed that Balancer’s vault remains “100% fine.”

Blockchain security firms including PeckShield and blockchain analyst ZachXBT however estimated at least $238,000 in crypto has been stolen so far.

Some users have been reporting that when interacting with the website, they’re being prompted to approve a malicious contract that drains users’ wallets.

One industry pundit explained what other users have reportedly experienced:

“If you open the website it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation money are gone. Don’t open the website!!!”

Users attempting to access the Balancer website is met with a warning sign:

Balancer’s website as of Sept. 20 at 1:04 am UTC. Source: Balancer

Related: Breaking: ‘All funds are at risk’ — Steadefi exploited in ongoing attack

This is the second attack on Balancer in less than a month after it warned of a critical vulnerability on Aug. 22, confirming that it suffered a $900,000 exploit related to the vulnerability just days later.

Magazine: Recursive inscriptions: Bitcoin ‘supercomputer’ and BTC DeFi coming soon