Balancer Protocol Exploited for $900k
Balancer, an Ethereum-based DeFi protocol, faces scrutiny after a recent exploit resulted in a loss of nearly $900,000.
Balancer, an Ethereum-based DeFi protocol, has been making moves in the crypto community for its innovative approach to finance. However, the recent exploit has put the spotlight on the platform for all the wrong reasons.
On August 27, Balancer confirmed via social media that it had fallen victim to an exploit, resulting in a loss of nearly $900,000. This breach occurred just days after the protocol publicly disclosed a vulnerability affecting its boosted pools.
Balancer is aware of an exploit related to the vulnerability below.
Mitigation procedures have drastically reduced risks, but are unable to pause affected pools.
To prevent further exploits, users must withdraw from affected LPs.https://t.co/PDzX32gqeS https://t.co/b4CSqVFbDg — Balancer (@Balancer) August 27, 2023
Blockchain security expert Meier Dolev quickly identified an Ethereum address believed to be linked to the attacker. This address saw two significant transfers of the Dai stablecoin, amounting to $636,812 and $257,527. These transfers brought the total balance of the attacker's address to $893,978.
Before the exploit, on August 22, Balancer had made public a critical vulnerability affecting its boosted pools. In response, the team behind the protocol advised users to withdraw funds from liquidity providers and even went as far as temporarily pausing affected pools to minimize potential damages.
The disclosed vulnerability had the potential to impact assets across various networks, including Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM. At the time of discovery, only 1.4% of Balancer's total assets, equivalent to over $5 million, were deemed at risk. However, by August 24, assets worth approximately $2.8 million, or 0.42% of the total value locked, remained exposed.
In light of the exploit, Balancer's team was quick to address the situation. They acknowledged the breach and emphasized that while they had taken measures to reduce risks, they couldn't halt the affected pools entirely. To prevent further incidents, the team advised users to withdraw from the impacted liquidity pools.
Balancer Protocol Liquidity Pools
Furthermore, Balancer issued guidelines to its users, emphasizing the safety of funds in the mitigated pools. They also strongly recommended users either migrate to safer pools or withdraw their funds entirely. Pools that remained vulnerable were clearly labeled as 'at risk', urging liquidity providers in these pools to exit immediately.