{"id":59744,"date":"2023-09-20T05:46:23","date_gmt":"2023-09-20T09:46:23","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=59744"},"modified":"2023-09-20T05:47:45","modified_gmt":"2023-09-20T09:47:45","slug":"defi-protocol-balancer-frontend-under-attack","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/defi-protocol-balancer-frontend-under-attack\/","title":{"rendered":"DeFi Protocol Balancer Frontend Under Attack"},"content":{"rendered":"\n

At 11:49 UTC on September 19, the platform advised its community to refrain from interacting with the protocol Balancer until further notice.<\/p>\n\n\n\n

\"\"
DeFi protocol Balancer Frontend Under Attack<\/figcaption><\/figure>\n\n\n\n

Balancer, a decentralized finance protocol based on Ethereum, cautions users to avoid its website following an attack on its frontend.<\/p>\n\n\n\n

At 11:49 UTC on September 19, the platform notified its community, requesting that users refrain from interacting with the Balancer user interface until further notice.<\/p>\n\n\n\n

The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!<\/p>— Balancer (@Balancer) September 19, 2023\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a><\/blockquote> \n\n\n\n

Balancer stated that the attack's specifics are being investigated. Balancer contributor Cosme Fulanito has reportedly verified that the vault remains “100% fine” despite the fact that the company has not commented on whether user funds were affected.<\/p>\n\n\n\n

However, at the time of writing, blockchain security firms, including PeckShield and blockchain analyst ZachXBT, estimated that at least $238,000 in cryptocurrency had been plundered.<\/p>\n\n\n\n

#PeckShieldAlert<\/use><\/svg><\/span><\/a> @Balancer<\/use><\/svg><\/span><\/a> has reported that its frontend under an attack, ~$238k worth of cryptos were stolen https:\/\/t.co\/aAaj0Xqery<\/use><\/svg><\/span><\/a> pic.twitter.com\/YDIjfnNYM4<\/use><\/svg><\/span><\/a><\/p>— PeckShieldAlert (@PeckShieldAlert) September 20, 2023<\/use><\/svg><\/span><\/a><\/blockquote> \n\n\n\n

Some users have reported that when interacting with the website, they are prompted to accept a malicious contract that consumes their bank accounts other users' funds.<\/p>\n\n\n\n

\ud83d\udea8 Risk alert @Balancer<\/use><\/svg><\/span><\/a> 's domain (https:\/\/t.co\/Ikuh2PEJrv<\/use><\/svg><\/span><\/a>) has been hijacked and its prompting users to approve a malicious contract that will drain your wallet.

As far as we can tell, protocol funds are safu and the issue is limited to the hijacked front-end. pic.twitter.com\/KrBUutj5H0<\/use><\/svg><\/span><\/a><\/p>— Exponential DeFi (@ExponentialDeFi) September 19, 2023<\/use><\/svg><\/span><\/a><\/blockquote> \n\n\n\n

One industry expert described the reported experiences of other users:<\/p>\n\n\n\n

\n
\n
\n

\u201cIf you open the website it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation money are gone. Don\u2019t open the website!!!\u201d<\/p>\n<\/blockquote>\n<\/div>\n<\/div>\n\n\n\n


Users who seek to access the Balancer website are greeted with the following warning:<\/p>\n\n\n\n

\"\"
Balancer\u2019s website as of Sept. 20 at 1:04 am UTC. Source: Balancer<\/figcaption><\/figure>\n\n\n\n

This is the second attack on Balancer in less than a month after the company warned of a critical vulnerability on August 22 and suffered an estimated $2 million exploit days later.<\/p>\n\n\n\n

\u201cBalancer is aware of an exploit related to the vulnerability below,\u201d\u00a0 the protocol's team posted on X (previously Twitter) on August 27, adding that while recent mitigation measures had considerably reduced risks, affected pools could not be paused.<\/p>\n\n\n\n

\u201cTo prevent further exploits, users must withdraw from affected LPs,\u201d the advisory stated.<\/p>\n","protected":false},"excerpt":{"rendered":"

At 11:49 UTC on September 19, the platform advised its community to refrain from interacting with the protocol Balancer until further notice. Balancer, a decentralized finance protocol based on Ethereum, cautions users to avoid its website following an attack on its frontend. At 11:49 UTC on September 19, the platform notified its community, requesting that […]<\/p>\n","protected":false},"author":53,"featured_media":59762,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[21,73],"tags":[5443,16491,5643,6370],"class_list":["post-59744","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-news","category-defi-news","tag-altcoin-2","tag-balancer-2","tag-defi-2","tag-scams"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/09\/Balancer-Thumbnail.webp","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59744","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/53"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=59744"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59744\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/59762"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=59744"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=59744"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=59744"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}