{"id":59851,"date":"2023-09-21T06:57:12","date_gmt":"2023-09-21T10:57:12","guid":{"rendered":"https:\/\/coinscreed.com\/staging\/?p=59851"},"modified":"2023-09-21T06:57:16","modified_gmt":"2023-09-21T10:57:16","slug":"balancer-recovers-from-dns-attack-warns-of-fi-domain-risks","status":"publish","type":"post","link":"https:\/\/coinscreed.com\/staging\/balancer-recovers-from-dns-attack-warns-of-fi-domain-risks\/","title":{"rendered":"Balancer Recovers from DNS Attack, Warns of .fi Domain Risks"},"content":{"rendered":"\n

Balancer has recovered its domain after a DNS attack<\/a> that compromised its website and led to the loss of $240,000 in crypto. The attack resulted from a social engineering attack on EuroDNS, the domain registrar for .fi domains. Balancer is considering moving to a more secure registrar and warns other projects to do the same.<\/p>\n\n\n\n

\"Balancer<\/figure>\n\n\n\n

A DNS attack is a type of cyberattack that exploits the Domain Name System (DNS), which is the system that translates domain names into IP addresses. <\/p>\n\n\n\n

By hijacking or spoofing the DNS records, an attacker can redirect users to a malicious website that looks like the legitimate one.<\/p>\n\n\n\n

This happened to Balancer on Sept. 19, when its website\u2019s frontend was compromised by an unknown hacker who used a social engineering attack on EuroDNS, the domain registrar for .fi domains. <\/p>\n\n\n\n

EuroDNS\r\n \r\n \r\n \r\n <\/g>\r\n \r\n \r\n \r\n <\/clipPath>\r\n <\/defs><\/svg><\/span><\/a> is a Luxembourg-based company that provides domain name registration and DNS services.<\/p>\n\n\n\n

The hacker was able to gain access to Balancer\u2019s domain and redirect users or their transactions to a phishing website that looked like Balancer\u2019s interface. <\/p>\n\n\n\n

The hacker then induced users to approve and transfer funds to their Ethereum address using a ” transferFrom ” function.<\/p>\n\n\n\n

According to blockchain security firms SlowMist and CertiK, the hacker also used phishing contracts called Angel Drainer, which is known for draining crypto wallets. The hacker managed to steal about $238,000<\/strong> worth of crypto from unsuspecting users.<\/p>\n\n\n\n

How Balancer Recovered from the Attack<\/h3>\n\n\n\n

Balancer detected the attack and issued a public notice on Sept. 20, advising users not to interact with its website until further notice. <\/p>\n\n\n\n

\n

Regarding the recent DNS attack, we can confirm that the domain is now secure and back under the control of the Balancer DAO.https:\/\/t.co\/kNWcQADaqa<\/use><\/svg><\/span><\/a> and other https:\/\/t.co\/RQO6oJXEpJ<\/use><\/svg><\/span><\/a> subdomains are SAFE to use.

[1\/2]<\/p>— Balancer (@Balancer) September 20, 2023<\/use><\/svg><\/span><\/a><\/blockquote>

It also said it was actively addressing the attack and working with all relevant parties to ensure the full recovery of its domain.<\/p>\n\n\n\n

After investigation, Balancer confirmed that the attack was a result of a social engineering attack on EuroDNS and not a breach of its smart contracts or backend. <\/p>\n\n\n\n

It also said it was exploring deprecating the .fi top-level domain (TLD) and moving to a more secure registrar. It suggested that other projects using the same TLD should do the same.<\/p>\n\n\n\n

On Sept. 21, Balancer announced that it had regained control over its domain and brought it back under the control of Balancer DAO, its decentralized autonomous organization. <\/p>\n\n\n\n

It also confirmed that its subdomains \u201capp.balancer.fi\u201d<\/em> and \u201cbalancer.fi\u201d<\/em> were safe to use again.
<\/p>\n\n\n\n

The Implications for DeFi<\/h4>\n\n\n\n

Balancer\u2019s attack is not the first nor the last DNS attack on DeFi protocols. In July, PancakeSwap<\/a> and Cream Finance<\/a> suffered similar attacks that compromised their websites and tried to steal users\u2019 funds. <\/p>\n\n\n\n

These attacks show the vulnerability of DeFi protocols<\/a> to DNS attacks and the need for more security measures.<\/p>\n\n\n\n

Balancer\u2019s attack also highlights the importance of choosing a reliable and trustworthy domain registrar and TLD for DeFi protocols. <\/p>\n\n\n\n

As Balancer\u2019s founder Fernando Martinelli said, <\/p>\n\n\n\n

\n

\u201cFor now, we (BLabs founders\/investors) don\u2019t vote to avoid any influence on the community\u2019s opinion. However, we are very excited about these swaps that generate long-term alignment between other DAOs and ours.\u201d<\/p>\n<\/blockquote>\n\n\n\n

Balancer is one of the leading DeFi protocols in terms of total value locked (TVL), with over $1.5 billion<\/strong> as of Sept. 22. <\/p>\n\n\n\n

It provides liquidity pools, portfolio management, and price sensors for DeFi users and traders. It also has its own governance token, BAL,<\/use><\/svg><\/span><\/a> which gives holders voting rights in Balancer DAO.<\/p>\n","protected":false},"excerpt":{"rendered":"

Balancer has recovered its domain after a DNS attack that compromised its website and led to the loss of $240,000 in crypto. The attack resulted from a social engineering attack on EuroDNS, the domain registrar for .fi domains. Balancer is considering moving to a more secure registrar and warns other projects to do the same. […]<\/p>\n","protected":false},"author":44,"featured_media":59857,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[32],"tags":[16507,1302,197,11126],"class_list":["post-59851","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-crypto-exchange-news","tag-fi","tag-balancer","tag-defi","tag-dns-hijack"],"jetpack_featured_media_url":"https:\/\/coinscreed.com\/staging\/wp-content\/uploads\/2023\/09\/DNS_Security_domain-.jpg","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59851","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/users\/44"}],"replies":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/comments?post=59851"}],"version-history":[{"count":0,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/posts\/59851\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media\/59857"}],"wp:attachment":[{"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/media?parent=59851"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/categories?post=59851"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/coinscreed.com\/staging\/wp-json\/wp\/v2\/tags?post=59851"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}