Across their social media channels, Ethereum-based decentralized exchange (DEX) Balancer reported an attack against its front end. The platform confirmed that a Domain Name System (DNS) attack targeted the DEX, preventing users from accessing the DEX.
Ethereum DeFi Under Siege
According to an official post, a team is investigating the DNS attack against Balancer. In the meantime, users were asked to avoid interacting with the DEX’s front end to prevent them from falling victim to the bad actors.
In a DNS attack, bad actors can employ different strategies to compromise the security of a website and drain the users’ crypto wallets. Until the investigation is concluded, the team behind Balancer cannot guarantee that the attackers won’t target users.
The team behind the DEX added the following, confirming the protocol’s Decentralized Autonomous Organization (DAO) involvement in resolving the current situation:
The Balancer DAO is actively addressing the current DNS attack and is working with all relevant parties to ensure the full recovery of the Balancer UI. In the meantime, please DO NOT interact with http://balancer.fi or http://app.balancer.fi until further notice.
Independent crypto investigator ZachXBT reported that over $238,000 had been stolen from the DEX. The investigator confirmed that the funds were sent to this Ethereum address: 0x645710Af050E26bB96e295bdfB75B4a878088d7E.
Further data from Etherscan confirms that the bad actors have begun moving the funds. The individuals use Tornado Cash, another decentralized exchange, to “launder” the stolen funds to gain anonymity.
Pseudonym user Defi_Hanzo was the first to report this development and the first to lose money to the hackers to confirm the DNS attack theory. As seen below, the bad actors took over the Balancer front-end and asked users to change input in the chain where they hold most of their funds.
Once this transaction was completed, bad actors could drain the user’s wallet. DeFi_Hanzo asked the team behind Balancer for a refund after falling victim to the attack.
DeFi’s Public Enemy Number One
Balancer is just one of the many DEX or DeFi applications that have been the victim of some strategy to steal their funds. As Bitcoinist reported, hacks, scams, and other criminal activities in the nascent sector were up 75% by the end of H2 2023 compared to 2022.
Bad actors stole over $650 million over that period, which has continued to rise in the coming months. Of all of the sectors in the crypto industry, DeFi has been the most affected.
The different protocols and applications supported by DeFi platforms lost almost $300 million by the end of H2, 2023. The North Korean affiliate hacker group “Lazarus” has been responsible for many attacks.
As of this writing, Ethereum (ETH) trades at $1,600 with sideways movement in the last 24 hours.
Cover image from Unsplash, chart from Tradingview
