Hackers Steal Over $120 Million From Balancer DeFi Protocol

Hackers exploited a vulnerability in Balancer’s V2 pools, causing over $120 million in losses.

The attack involved a precision rounding error or unauthorized contract manipulation in vault calls.

Phishing scams emerged following the breach, attempting to trick the hacker into returning the stolen funds.

Balancer, a decentralized finance (DeFi) platform, has confirmed that hackers exploited its V2 pools, resulting in a breach of over $120 million. The incident, which targeted the protocol’s V2 compostable stable pools, marks one of the largest attacks on a DeFi protocol this year. While Balancer continues to investigate the incident, it has cautioned users against potential scams related to the attack.

Attack Details and Method

The attack took place at 7:48 AM UTC, when hackers exploited a vulnerability within Balancer’s V2 Vault system. According to GoPlus Security, the exploit stemmed from a precision rounding error in the platform’s swap calculations. These errors caused minor discrepancies in token amounts during swaps, which the attackers used to their advantage. By chaining multiple swaps through the batchSwap function, the hackers were able to create large-scale price distortions.

Another explanation for the exploit points to improper authorization and callback handling inside Balancer’s V2 vaults. Security expert Aditya Bajaj noted that a malicious contract manipulated vault calls during pool initialization. This allowed unauthorized swaps and balance manipulations across interconnected pools, bypassing the protocol’s safeguards. Despite these varying explanations, Balancer has yet to confirm the exact method of attack. However, the company is working with leading security researchers to assess the breach and understand its full scope.

The hack was exclusively limited to Balancer’s V2 pools and did not reach other pools like V3. The team communicated through their channels and promised an investigation. Balancer has already spoken up on the matter and promised a post-mortem report when the investigation is over. Although Balancer has been subjected to auditing 11 times since 2021, with different levels of scrutiny, the exploit still found a way around these audits. The incident makes one ponder about the limitations of current security measures in place for DeFi protocols.

Phishing Scams Targeting Hacker

After the attack, a deceiving message appeared, entailing to mislead the hacker into giving back the money that had been stolen. The message, which was posing as Balancer, was offering the hacker a “white-hat bounty” of 20% of the stolen funds for the return of the rest amount. The fraudster was using threats of blockchain to soothe the hacker into submission. Balancer gave a warning to its users, saying that there was a phishing attempt and they should be very careful.

The event of the attack on Balancer gives a clear picture of the security challenges that the DeFi space is going to face in the future because of constant changes in the security dynamics. The hack, however, has not been linked to any specific group; however, it has been reported that North Korean hackers are behind a couple of DeFi heists this year

In total, over $2 billion worth of cryptocurrencies have been connected with North Korean thefts and thus, the DeFi platforms continue to suffer from enormous security problems. Currently, Balancer is in the process of securing its platform and stopping any further exploits. More information on the breach, as well as the measures taken will be disclosed after the investigation is over.