Balancer, a popular Ethereum-based decentralized exchange (DEX), found itself at the center of a cyberattack when its domain name system (DNS) was compromised, leading to a phishing attempt targeting its users. The incident occurred on Wednesday at 7:50 pm EST, prompting immediate action from the Balancer team to safeguard its users’ funds and security.
During the attack, malicious actors exploited a DNS vulnerability to gain control of the official Balancer website link, balancer.fi. They then redirected unsuspecting users to a phishing site that was linked to a malicious contract with the intention of stealing cryptocurrency holdings.
The DNS, or domain name system, is a fundamental protocol that enables users to connect to websites by translating human-readable domain names into numerical IP addresses. In this case, attackers found a weakness in the DNS protocol, which allowed them to divert users to a fraudulent website.
Users Warned of Phishing Threat
In response to the incident, Balancer issued a warning to its user base, advising them not to interact with the website until further notice. The team quickly identified the issue as a DNS attack and commenced efforts to address the situation.
“The Balancer DAO is actively addressing the current DNS attack and is working with all relevant parties to ensure the full recovery of the Balancer UI. In the meantime, please DO NOT interact with balancer.fi or app.balancer.fi until further notice,” the Balancer team stated in another tweet.
Despite the prompt response from Balancer, there has been no official statement regarding the extent of the impact on user assets. However, security firm PeckShield estimated that approximately $238,000 worth of cryptocurrency may have been stolen during the attack, underscoring the severity of the situation.
PeckShield also reported that the balancer attacker-related address 0xf998 has received 1.04 AVAX from MEXC. Furthermore, another update from PeckShield indicated that the balancer frontend attacker had swapped 15.4 ETH for approximately 2,730 AVAX and subsequently transferred them to MEXC Deposit.
This DNS attack comes just months after Balancer suffered another significant exploit in August, resulting in the loss of nearly $1 million in stablecoin. The earlier incident was attributed to a critical flaw on the platform, which was discovered shortly after the Balancer team had advised users to withdraw from the affected liquidity pools.
Decentralized exchanges like Balancer have gained immense popularity in the crypto space for their ability to facilitate peer-to-peer transactions and provide liquidity to various digital assets. However, these platforms are also susceptible to a range of security threats, as evidenced by this recent DNS attack.
Balancer and other DeFi projects continue to face the ongoing challenge of ensuring the security of their platforms as they strive to offer users a secure and efficient way to manage their cryptocurrency assets. The incident serves as a stark reminder of the importance of robust security measures in the crypto industry and the need for constant vigilance against cyber threats.
