The well known DeFi protocol on Ethereum, Balancer, has been targeted by a frontend assault, tricking end users into sending money to a hacker’s deal with.
On the morning of September twenty, the X (Twitter) account of Balancer, the major AMM protocol on Ethereum with a TVL of above $710 million, issued a warning that the project’s web-site interface (frontend) had been attacked by attackers and advise end users not to interact at this time.
🚨Risk alert @Balancer the domain of (https://t.co/Ikuh2PEJrv) has been hacked and involves end users to approve a malicious contract that will drain your wallet.
As far as we know, the protocol money are harmless and the issue is constrained to the compromised front finish. pic.twitter.com/KrBUutj5H0
— Exponential DeFi (@ExponentialDeFi) September 19, 2023
As a outcome, it seems that the hacker accessed the frontend of the Balancer web-site, then modified the information so that end users interact with the malicious deal with.
Stolen money are routed to this deal with
0x645710Af050E26bB96e295bdfB75B4a878088d7E
~$238k stolen so far pic.twitter.com/rwMybBaLoA
— ZachXBT (@zachxbt) September 20, 2023
According to “on-chain detective” ZachXBT, the attacker stole roughly $238,000 in assets from Balancer end users who had been unfortunate sufficient to entry the protocol’s consumer interface for the duration of the assault.
The price tag of Balancer’s BAL token not only had no damaging reactions, but even improved somewhat immediately after the details that the frontend had been attacked.
This is the 2nd assault towards Balancer in just a month. In late August, just days immediately after finding a significant vulnerability, Balancer had much more than $two million in assets stolen by an unknown hacker.
Coinlive compiled
Join the discussion on the hottest difficulties in the DeFi market place in the chat group Coinlive Chats Let’s join the administrators of Coinlive!!!