Balancer DeFi Protocol Faces Ongoing Assault on Its Web Front End

According to on-chain data, it appears that the attacker has managed to pilfer upwards of $200,000 from affected users.

Balancer, a decentralized trading protocol, has disclosed that its web front end is currently grappling with an exploit. Consequently, they are strongly advising users to refrain from any interactions with the compromised website.

The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!

— Balancer (@Balancer) September 19, 2023

Reports from both Balancer's official Twitter account and the Metamask wallet have indicated that the Balancer URL, or web address, has fallen victim to a redirect attack. This means that users are being redirected to a fraudulent page instead of the legitimate site. Cybercriminals execute these redirect attacks by leveraging users' trust in a website, injecting a redirection to a malicious page either in the website's code or through a phishing email.

Blockchain security firm Certik has revealed that hacks, exploits, and scams within the crypto sector have resulted in losses surpassing $1 billion as of early September this year. July alone saw crypto traders lose $303 million, marking it as the most financially detrimental month of the year due to such attacks.

The attacker is purportedly associated with the phishing group "AngelDrainer," as indicated by crypto tracking platform MistTrack. They exploited this method to breach the website and coerced users into authorizing fund transfers.

An internet investigator known as ZachXBT has identified a wallet address that appears to have been involved in the theft of over $200,000 in digital assets. According to data from Nansen.ai, the current balance of the wallet stands at slightly over $100,000, with the majority of assets consisting of stETH and DAI.

On-chain data suggests that the individual controlling the wallet has been relocating some of the stolen assets to Aave.

Data by Etherscan MistTrack suggested that there might be potential ties between the attacker and Russia based on "pertinent intelligence" they have gathered, although specific details were not provided.

This attack transpired roughly a month after Balancer issued a public warning regarding an unrelated vulnerability in the protocol's pools and advised users to withdraw their assets.

As per DefiLlama data, Balancer currently boasts a total value locked of approximately $700 million, securing its position as the fourth-largest decentralized exchange.

Read more: PayPal's Crypto Revolution