Balancer Faces DNS Attack, Exposing Users to Phishing Risks

by Nik Asti

Published: September 20, 2023 at 4:39 am Updated: September 20, 2023 at 5:13 am

by Danil Myakin

Edited and fact-checked: September 20, 2023 at 4:39 am

In Brief

The decentralized exchange Balancer fell victim to a DNS attack targeting its front-end website.

In the attack, hackers rerouted the Balancer website link to a fraudulent site with the intent of pilfering funds.

Balancer Faces DNS Attack, Exposing Users to Phishing Risks

Decentralized exchange Balancer has been the target of a DNS (Domain Name System) attack on its front-end website, leading to an urgent warning issued to its user base.

The assailants took advantage of vulnerabilities in the DNS protocol to hijack the official Balancer website link and misdirect users to a malicious phishing site, in an attempt to siphon off their funds.

The attackers exploited weaknesses in the DNS—a set of rules that allow user computers to connect to website servers—to gain control of Balancer’s website. Specifically, they redirected the ‘balancer.fi’ link to a fraudulent site connected to a malicious contract.

Given the technical nature of the attack, it reveals the existing vulnerabilities in DNS protocols, commonly used in websites, that can be exploited to nefarious ends.

The balancer frontend is under an attack. The issue is currently under investigation. Please do NOT interact with the balancer UI until further notice!
— Balancer (@Balancer) September 19, 2023

What Does This Mean for Balancer

Balancer took swift action to mitigate the crisis, issuing a warning at 7:50 pm EST last Wednesday. They advised users to refrain from interacting with their website until further investigation and remediation had taken place.

The company later confirmed that the disturbance was indeed a DNS attack and indicated that it was in the process of implementing recovery measures.

While Balancer itself has not released any official statements regarding the financial impact, security firm PeckShield estimates that the attackers may have made off with around $238,000 in cryptocurrency. This raises considerable concerns about the platform’s security, especially following a previous exploit in August where a critical flaw led to the loss of nearly $1 million in stablecoin.

The Balancer incident serves as a cautionary tale for other platforms utilizing decentralized technologies. It underlines the importance of robust security measures, not just at the contract or token level, but also in the more mundane aspects of internet protocols like DNS. The episode also places added pressure on Balancer to step up its security measures, given its recent history of vulnerabilities.

Tags:

Disclaimer

In line with the Trust Project guidelines, please note that the information provided on this page is not intended to be and should not be interpreted as legal, tax, investment, financial, or any other form of advice. It is important to only invest what you can afford to lose and to seek independent financial advice if you have any doubts. For further information, we suggest referring to the terms and conditions as well as the help and support pages provided by the issuer or advertiser. MetaversePost is committed to accurate, unbiased reporting, but market conditions are subject to change without notice.

About The Author

Nik is an accomplished analyst and writer at Metaverse Post, specializing in delivering cutting-edge insights into the fast-paced world of technology, with a particular emphasis on AI/ML, XR, VR, on-chain analytics, and blockchain development. His articles engage and inform a diverse audience, helping them stay ahead of the technological curve. Possessing a Master's degree in Economics and Management, Nik has a solid grasp of the nuances of the business world and its intersection with emergent technologies.

Nik Asti