Balancer Hack Traced to DNS Social Engineering Attack
- Balancer attributed blame to its DNS service provider.
- Efforts are underway to explore other domain options.
- The majority of DeFi exploits have occurred on the Ethereum blockchain.
Decentralized finance (DeFi) has democratized access to financial services, allowing anyone to lend, borrow, and invest without intermediaries. The cost of this is that the sector has been plagued with periodic high-profile hacks by those targeting vulnerabilities within the chain of processes.
Typically, DeFi attackers exploit smart contract vulnerabilities or weaknesses within the protocol itself. Yet, the most recent Balancer hack was traced to a socially engineered attack at the protocol’s domain name service (DNS) provider.
Balancer Now Safe to Use
In an update to the community on Wednesday’s DNS attack , Ethereum-based Balancer confirmed that it has regained control of its domain name and assured users that all associated subdomains are now safe to use.
Balancer’s investigations concluded that hackers had infiltrated EuroDNS, the company entrusted with managing Balancer’s DNS registry, using social engineering techniques. This exploit involves manipulating unsuspecting individuals into exposing data, spreading malware, or giving away system access.
Acting on its findings, Balancer stated that it is looking at more secure top-level domains (TLD) to drop its existing .fi setup. The team also suggested that other DeFi projects follow suit.
With Balancer responding swiftly to restore services, thoughts now turn to understanding how the breach occurred and preventing future attacks from happening again.
What Happened?
On September 19, Balancer advised users not to interact with its interface after discovering a breach. Further analysis revealed hackers had hijacked the Balancer domain, enabling the deployment of a malicious program that set about draining victims’ wallets.
Although Balancer did not officially comment on the losses incurred, Peckshield estimated around $238,000 worth of crypto assets were stolen in the incident. The attack represents the second security breach for Balancer in a month. In August, the protocol suffered a spate of flash loan exploits , netting hackers just under $1 million in DAI.
On the Flipside
- Cloudflare reported that 87% of companies suffered a DNS attack in 2021.
- Of the 148 DeFi exploits to date, 71 occurred on Ethereum-based protocols.
Why This Matters
The latest Balancer hack highlights the heavy dependency of DeFi protocols on legacy infrastructure not designed for crypto’s complexities. Realizing the vision of DeFi as the future of finance would require reimagining the internet’s foundational structure.
Get a breakdown of what happened during the Balancer hack here:
Balancer Protocol Loses $238K in Crypto in Ongoing DNS Attack
Discover more about Nigerians turning to crypto amid the country’s ongoing economic woes:
Nigeria Turns to Crypto as Currency Crisis Deepens
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Flash Monday: Buy crypto with a credit/debit card for zero fees
Every Monday, enjoy zero fees when using your local fiat currency with a credit or debit card ( Visa, Mastercard, Google Pay Apple Pay)! Buy Crypto Promotion period: Every Monday 8:00 PM – Tuesday 8:00 PM (UTC+8) Promotion rules Sign up for a Bitget account or log in to your existing account. Navig
SEC to receive record $8.2 billion from enforcement in fiscal 2024, mostly from Terraform Labs
CAT becomes the only BSC chain token in the top 20 Wintermute market-making meme coins