Balancer Protocol Exploited for Over $900k

Bitget App

Trade smarter

Bitget

News

DailyCoin2023/10/30 12:06

By:DailyCoin

Balancer Protocol has suffered an exploit.
This follows a critical vulnerability warning on August 22.
The hacker is still active, transferring funds.

DeFi protocol and Ethereum automated market maker (AMM) Balancer was exploited, leading to a loss of over $900,000 worth of crypto. The protocol confirmed the exploit via Twitter on August 27 and encouraged users to withdraw their funds from the affected liquidity pools.

The development comes a few days after Balancer reported a critical vulnerability in its V2 pools.

The Hacker Used an Ethereum Address

Cyvers founder and CTO Meir Dolev was among the first blockchain security experts to comment on the matter, noting that the hacker used an Ethereum address to transfer the stolen funds in DAI stablecoin.

The attacker continues with his operation, approx $900K affected, more than $600K moved to this address
0xB23711b9D92C0f1c7b211c4E2DC69791c2df38c1 pic.twitter.com/inNqH4zel2
— Meir Dolev (@Meir_Dv) August 27, 2023

While primary sources indicate that the hacker conducted two transactions totaling $893,978 in DAI, the associated wallet address had received another 85,080 DAI at the time of press. Cumulatively, the address now holds $978,947 worth of DAI.

“Mitigation procedures have drastically reduced risks but are unable to pause affected pools. To prevent further exploits, users must withdraw from affected LPs,” read Balancer’s tweet.

Alert on Critical Vulnerability

The Balancer Protocol team issued a vulnerability warning on August 22, noting that its boosted liquidity pools were susceptible to an attack.

Over $5 million of assets were exposed to risks during the vulnerability discovery, representing about 1.4% of the protocol’s total assets deployed on Ethereum, Optimism, Polygon, Avalanche, Gnosis, Arbitrum, zkEVM , and Fantom.

On August 25, the protocol released an update stating that 99.7% of the liquidity deemed vulnerable was safe, with only $565,199 of the total value locked remaining at risk.

Despite the previous mitigation measures aimed at lowering the vulnerability risks, the hacker still managed to steal more than what was deemed vulnerable, with recent wallet activity showing that the amount is almost a million.

Read how the FBI tracked down stolen crypto assets worth millions of dollars:

FBI Tracks Down 1,580 Bitcoin Stolen by North Korean Hackers

Here is how another DeFi Protocol was hacked:

Zunami Protocol Hacked, Stablecoin Pools Manipulated

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Locked for new tokens.

APR up to 10%. Always on, always get airdrop.

Lock now!