Balancer: Security Update and Future Plans
Balancer, a decentralized protocol built on the Ethereum network, has confirmed the successful recovery of its domain and ensured its security following a recent assault on its frontend by malicious hackers.
The incident was attributed to a social engineering attack, as disclosed by Balancer.
Recently, Balancer faced a targeted assault on its Domain Name System (DNS), prompting the company to caution users against accessing the interface until further notice to prevent potential financial losses due to the hackers' efforts to deplete their funds. Investigations were promptly initiated to address the issue.
While Balancer refrained from publicly disclosing the precise amount stolen, on-chain investigator ZachXBT estimated the hackers' haul at approximately $240,000, which was subsequently transferred to an Ethereum address.
To safeguard users, Balancer emphasized avoiding interaction with balancer.fi or app.balancer.fi until receiving updated guidance.
Upon the conclusion of a thorough investigation, Balancer revealed that the breach resulted from a social engineering attack on EuroDNS, the domain name registrar for .fi Top-level domains (TLDs).
Regarding the recent DNS attack, we can confirm that the domain is now secure and back under the control of the Balancer DAO.https://t.co/kNWcQADaqa and other https://t.co/RQO6oJXEpJ subdomains are SAFE to use.— Balancer (@Balancer) September 20, 2023
While affirming the regaining of control over its primary and secondary domains, Balancer conveyed its intention to evaluate a transition to a more secure registrar. Their statement read, "We are contemplating deprecating the .fi TLD, aiming to migrate to a registrar with enhanced security measures. We encourage other projects utilizing the TLD to consider a similar move."
Earlier, Balancer suffered a significant loss of nearly $1 million on August 27 due to hackers exploiting a critical vulnerability present in certain V2 pools of the protocol.