Perhaps the DeFi protocol should have fixed the problem before announcing it existed
Decentralized finance (DeFI) protocol and Ethereum automated market maker Balancer confirmed on August 27 in an X post that it was exploited for nearly $900,000. The breach came a few days after it revealed several pools were affected by a vulnerability.
Meier Dolev, a blockchain security expert, revealed the attacker’s alleged Ethereum address. The address received two transfers in Dai stablecoin of $636,812 and $257,527, respectively, for over $893,978.
“Balancer is aware of an exploit related to the vulnerability below,” adding in its X post that while recent measures have reduced risks significantly, they could not pause the pools affected. “To prevent further exploits, users must withdraw from affected LPs,” it suggested.
On August 22, Balancer first revealed the vulnerability of its boosted pools, provoking users to withdraw funds from liquidity providers (LPs) and pause pools to limit any possible damage. Assets deployed on Ethereum, Polygon, Arbitrum, Optimism, Fantom,
Avalanche, Gnosis, and zkEVM were at risk.
When the vulnerability was first discovered, over $5 million in assets were exposed, representing about 1.4% of its total assets. At least $2.8 million, or 0.42% of its total value locked, was still at risk on August 24.
Balancer issued a warning to users on X, “We believe funds in the mitigated pools (labeled ‘mitigated’) are safe, but nevertheless strongly recommend timely migration to safe pools, or withdrawal. Pools that could not be mitigated are labeled ‘at risk’. If you are an LP in any of these pools, please exit immediately.”
The Optimism network first deployed the protocol in June 2022, aiming to boost user functionality and lower fees.
Editor-in-Chief of the Big Blind, a prominent gambling industry publication, brings 30+ years of journalism experience to his role. His vision emphasizes clarity, accessibility, and responsible journalism, making the Big Blind a trusted source in the online gambling sector.