- Defi Protocol, Balancer, said its web front end was under an attack.
- Blockchain security firm, PeckShield, revealed that $238,000 worth of crypto tokens were stolen in the attack.
Phishing Group Attacks DeFi Protocol’s (Balancer) Front Web
Balancer, a decentralized finance platform, notified its community of an ongoing attack on its website UI.
The DeFi protocol warned users not to interact with its Balancer user interface until further notice.
“The Balancer frontend is under attack. The issue is currently under investigation. Please do NOT interact with the Balancer UI until further notice!” The DeFi protocol warned in a post on X, formerly Twitter.
Mist Tracker, a crypto tracking platform, claimed that the attacker was part of a phishing group known as AngelDrainer. The crypto tracking platform also stated that the attacker was from Russia, but no further details were disclosed on how the attacker’s nationality was discovered.
While the DeFi Protocol team claimed its vaults are untouched, security analysts like PeckShield and ZachXBT revealed that over $238,000 were stolen in the front-end attack on Balancer.
The attacker’s wallet address currently holds $100,000, according to Nansen.ai’s data report.
Coindesk also reported that the attacker’s wallet transactions showed that part of the stolen tokens had been moved to Aave.
A Balancer user, DeFi_Hanzo, explained how the attack occurred in a post on X.
“If you open the website, it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation, the money is gone. Don’t open the website!!!”
Web3’s 2D detective, ZachXBT, identified the attacker’s wallet address, created ten hours before the scammer gained access to Balancer’s front end.
The Balancer team’s update on the attack revealed that the attack was caused by a Domain Name Service (DNS) attack.
“After investigation, it is clear that this was a social engineering attack on EuroDNS, the domain registrar used for .fi TLDs.
We are exploring deprecating the .fi TLD in order to move to a more secure registrar and suggest that other projects using the TLD do the same,” The DeFi Protocol revealed.
Despite the findings from on-chain data, the DeFi platform is yet to admit that it lost funds to the attack.
Crypto scams and attacks have been on the rise at an alarming rate this year. Certik, a security firm, revealed in its recent report that over $1 billion had been lost to crypto scams, attacks, hacks, and exploits this year.
Despite the struggling state of the crypto market, scammers and phishing groups have repeatedly launched attacks on the space.
Last week, several crypto users and platforms were victims of various attacks.
September has witnessed about ten crypto attacks on decentralized finance platforms and cryptocurrency exchanges.
This is the second crypto attack on Balancer within one month. In August, Balancer was under multiple flash loan attacks. The DeFi Protocol warned its users of a vulnerability in their pool. They encouraged users to remove their funds from the affected pools.
Days later, the total amount lost to the exploit was $2.1 million worth of crypto tokens.
