Incident

DeFi Exchange Balancer Vulnerability Exploited - Almost $1M US lost



The decentralized exchange Balancer reported a security breach on August 27, resulting in a loss of approximately $1 million. This incident occurred shortly after the Balancer team had publicly disclosed a "critical vulnerability" in their system and had urged liquidity providers (LPs) on the exchange to withdraw funds from specific pools that were exposed to this vulnerability.

The attacker's Ethereum address received three transfers of DAI stablecoin totaling around $979,420 since the previous Sunday. Notably, the last transfer occurred shortly after Balancer's tweet about the vulnerability exploit.

The attack employed a strategy known as "multiple flash loan attacks". In this type of attack, the hacker borrows a significant amount of cryptocurrency from a decentralized finance (DeFi) platform through flash loans.

These borrowed funds are then utilized to manipulate affected pools, extracting funds from them. The borrowed amount is subsequently repaid in the same transaction.

Think of a flash loan as a quick, no-collateral loan in the world of cryptocurrencies. In a "multiple flash loan attack," someone borrows a bunch of cryptocurrency very briefly. They then use that borrowed money to cause chaos in certain parts of the cryptocurrency market, like making prices go up or down. This chaos lets them make a lot of money quickly. Finally, they pay back the loan and keep their profits. It's like taking advantage of a special loan to shake things up and make money fast.

Despite the Balancer team's efforts to mitigate risks and encourage withdrawals, the hackers managed to steal more than $900,000, exceeding the initially estimated amount at risk. The Balancer team had initially stated that only 0.08% of the total value locked (TVL), equivalent to $565,199, was still vulnerable, most LPs having withdrawn from the affected pools.

The Balancer team emphasized withdrawal as the sole means of safeguarding funds and took measures to lock access to the pools where the liquidity providers had requested withdrawals.

Balancer advised users about the status of their funds in various pools, designating "mitigated" pools as safe, while categorizing vulnerable pools as "at risk." Users were strongly recommended to migrate to more secure pools or initiate fund withdrawals to ensure their funds' safety.

Despite these efforts, some liquidity providers delayed their fund withdrawals, and the attackers had a window of opportunity to siphon funds.
