DeFI Exchange Balancer under active attack, asks users not to log in

Balancer, a decentralized finance exchange and protocol based on Ethereum, has issued a caution to its users to avoid its website due to a recent attack on its frontend.

The platform alerted its community on September 19 at 11:49 pm UTC, advising users not to interact with the Balancer user interface until further notice.

Some users have been reporting that when interacting with the website, they're being prompted to approve a malicious contract that drains users' wallets. "If you open the website it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation money are gone. Don't open the website!!!"

The details of the attack are currently being investigated, and it remains uncertain whether user funds were impacted. Balancer contributors have assured users that Balancer's vault remains unaffected.

Blockchain security firms estimate that around $238,000 in cryptocurrency has been stolen in this attack. Users attempting to access the Balancer website are being prompted to approve a malicious contract that drains their wallets, indicating a potential hijack.

This marks the second attack on Balancer within a month, following a critical vulnerability warning on August 22 and a subsequent exploit causing an estimated $2 million loss.

Update - Balancer informed that after an investigation they concluded that the cause of the attack is a social engineering attack on EuroDNS, the domain registrar used for .fi TLDs, which enabled the attackers to fake the frontend of the Balancer interface available at app.balancer.fi