The attacker managed to transfer Dai stablecoins twice. The initial transfer was $636,812, followed by a subsequent transfer of $257,527, aggregating to a total stolen amount of around $900,000.
Balancer fell victim to an exploited vulnerability, allowing an attacker to manipulate the protocol for personal financial gain. This exploitation enabled the hacker to abscond with approximately $900,000 from the blockchain.
The Ethereum address belonging to the alleged attacker, where the funds were transferred following the attack, was discovered by blockchain security expert Meier Dolev. Upon analyzing the obtained information, it became evident that the attacker managed to transfer Dai stablecoins twice. The initial transfer was $636,812, followed by a subsequent transfer of $257,527, aggregating to a total stolen amount of around $900,000.
Balancer is aware of an exploit related to the vulnerability below.
Mitigation procedures have drastically reduced risks, but are unable to pause affected pools.
To prevent further exploits, users must withdraw from affected LPs.https://t.co/PDzX32gqeS https://t.co/b4CSqVFbDg
— Balancer (@Balancer) August 27, 2023
Balancer’s Prompt Actions to Mitigate the Vulnerability
Prior to the attack, Balancer identified a vulnerability impacting several of its liquidity pools and promptly alerted liquidity providers within the affected pools to either withdraw their funds or, at the very least, transfer them to a secure liquidity pool. However, the attacker exploited this vulnerability against some of those who were unable to respond swiftly.
Balancer has received a critical vulnerability report affecting a number of V2 Pools.
Emergency mitigation procedures have been executed to secure a majority of TVL, but some funds remain at risk.
Users are advised to withdraw affected LPs immediately.https://t.co/PDzX32gqeS pic.twitter.com/F1f649Wz3L
— Balancer (@Balancer) August 22, 2023
As of August 22, when the vulnerability was disclosed, it was yet to be exploited. It was observed that 4% of the Total Value Locked (TVL) of approximately $669 million worth of cryptocurrency assets on the platform were at risk. They also included assets in pools like Ethereum, Arbitrum, Polygon, Avalanche, Gnosis, Fantom, and zkEVM.
The developers’ team took swift action, and they were able to successfully mitigate 80% of the major vulnerability and curb its potential impact. As of August 23, no attackers had managed to take advantage of the security issue; nevertheless, an estimated $5.6 million worth of cryptocurrencies remained vulnerable to potential exploitation.
To notify the liquidity providers, developers classified certain pools as “mitigated” and some as “at risk”, notifying users to either withdraw their funds or transfer them to more secure pools. They said:
“We believe funds in the mitigated pools (labeled ‘mitigated’) are safe, but nevertheless strongly recommend timely migration to safe pools, or withdrawal. Pools that could not be mitigated are labeled ‘at risk.’ If you are an LP in any of these pools, please exit immediately.”
These collective measures significantly minimized the impact of the attack on customer funds. While the stolen $900,000 might appear modest in the broader protocol context, its insignificance is solely attributed to the proactive actions taken.
Security Issues in DeFi
While DeFi has introduced innovative financial solutions to the blockchain realm, it has also encountered security challenges like smart contract vulnerabilities and liquidity pool exploitations, as evident in the Balancer case. Consequently, maintaining vigilance is imperative. DeFi protocols also need to continuously collaborate with security experts to swiftly identify and address vulnerabilities. Conclusively, adherence to best practices and diverse security standards remains essential for establishing a secure ecosystem.