Balancer Exploited After Giving Warning

  • DeFi protocol Balancer confirmed it was exploited almost a week after disclosing a critical vulnerability affecting several of its boosted pools.
  • The platform did its best to mitigate some of the risks but was unable to pause the affected pools, and an estimated $980,000 in DAI were stolen in an attack.


Decentralized finance (DeFi) protocol Balancer was exploited for more than $900,000 almost a week after it disclosed a vulnerability in several of its pools, the platform said via X (formerly Twitter) on 27 August.

According to the announcement, Balancer was able to mitigate some of the risks associated with the vulnerability over the past week, but was unable to pause the affected pools before the incident. Users have been advised to withdraw their assets from affected pools, but by last estimates — made two days before the exploit — “99.7% of liquidity initially deemed vulnerable” was now safe.

Balancer revealed it had found a critical vulnerability in several of its boosted pools on 22 August, with the assets at risk being deployed on Ethereum, Polygon, Arbitrum, Avalanche, Fantom, Optimism, Gnosis, and zkEVM. When Balancer gave the initial warning, an estimated 4% of the platform’s total funds were at risk.

Although there was no official announcement of the financial impact of the exploit, blockchain security expert Meier Doleve revealed an Ethereum address that allegedly belonged to the attacker. This same address received around $980,000 worth of DAI stablecoins across three transactions.

Loading comments...
Related Coverage
Unibot to Compensate Users Affected by Exploit
  • Popular Telegram bot Unibot, which is used to snipe trades on Uniswap, became a victim of a token approval exploit earlier today, when it was switching to a new router.
  • After confirming the exploit, Unibot assured users that their keys and wallets were safe, and that the project will compensate all affected users.
October 31, 2023, 3:01 PM


Kroll Data Breach Compromises FTX, BlockFi Customer Information
  • A cyber security incident at bankruptcy service provider Kroll has resulted in the exposure of “non-sensitive” customer data for claimants involved in the FTX and BlockFi cases.
  • Both companies confirmed that account passwords, systems, and funds remained safe, but warned customers to be on the lookout for phishing scams.
Terra Freezes Website, Warns Against Phishing Scams
  • Blockchain network Terra said its website was compromised by hackers over the weekend, and warned users against ongoing phishing scams.
  • The platform later froze its website to prevent the hackers from exploiting it, and reminded users to avoid websites with the domain for now.