Balancer Says Frontend Hack Resulted From a Social Engineering Attack
Balancer, an Ethereum-based decentralized protocol, said that the platform regained control of its domain and is secure shortly after hackers attacked its frontend.
According to Balancer, a social engineering attack was responsible for the latest incident.
- Balancer recently suffered a Domain Name System (DNS) attack, with the firm warning users to stay away from the interface until further notice to avoid falling victim to the hackers looking to drain their wallets while investigations were ongoing.
- Although Balancer did not officially report any amount stolen, on-chain sleuth ZachXBT said that the hackers stole nearly $240,000, with the funds sent to an Ethereum address.
- Balancer further warned users not to interact with balancer.fi or app.balancer.fi until otherwise instructed.
- Following the completion of its investigation, Balancer said the incident was a result of a social engineering attack on EuroDNS, the domain name registrar for .fi Top-level domains (TLDs).
Regarding the recent DNS attack, we can confirm that the domain is now secure and back under the control of the Balancer DAO.https://t.co/kNWcQADaqa and other https://t.co/RQO6oJXEpJ subdomains are SAFE to use.
— Balancer (@Balancer) September 20, 2023
- While the firm assured users that it regained control of its main domains and subdomains, it said the protocol was looking at migrating to a more secure registrar.
“We are exploring deprecating the .fi TLD in order to move to a more secure registrar and suggest that other projects using the TLD do the same.”
- Balancer previously suffered a loss of nearly $1 million on August 27 after hackers exploited a critical vulnerability in some of the protocol’s V2 pools.