Balancer hit by DNS attack on front-end website

Quick Take

  • Decentralized exchange Balancer experienced a DNS attack on its front-end website.
  • Hackers directed the Balancer website link to a malicious site designed to steal funds.

Ethereum-based decentralized exchange Balancer BAL + suffered a domain name system (DNS) attack on its frontend website, the team confirmed.

During the incident, hackers executed a DNS exploit to take control of the official Balancer website link — — and redirected users to a phishing site associated with a malicious contract aiming to steal users’ funds.

On Wednesday at 7:50 pm EST, Balancer warned users not to interact with its website until further notice. Later, the team confirmed the front-end issue was related to a DNS attack. “The Balancer DAO is actively addressing the current DNS attack and is working with all relevant parties to ensure the full recovery of the Balancer UI,” Balancer wrote on X.

The domain name system is a widely used protocol that websites rely on. However, attackers can exploit issues in DNS to attempt to carry out nefarious activities, as demonstrated in this incident.


Keep up with the latest news, trends, charts and views on crypto and DeFi with a new biweekly newsletter from The Block's Frank Chaparro

By signing-up you agree to our Terms of Service and Privacy Policy
By signing-up you agree to our Terms of Service and Privacy Policy

Balancer website is being redirected to a malicious site.

While there has been no official statement about the impact on user assets, security firm PeckShield estimated that roughly $238,000 in cryptocurrency might have been taken during the attack. 

In August, Balancer experienced an exploit resulting in the loss of nearly $1 million in stablecoin. This was attributed to a critical flaw on the platform shortly after it advised users to withdraw from the affected liquidity pools.

© 2023 The Block. All Rights Reserved. This article is provided for informational purposes only. It is not offered or intended to be used as legal, tax, investment, financial, or other advice.

About Author

Vishal Chawla is The Block’s crypto ecosystems editor and has spent over six years covering tech protocols, cybersecurity, artificial intelligence and cloud computing. Vishal likes to delve deep into blockchain intricacies to ensure readers are well-informed about the continuously evolving crypto landscape. He is also a staunch advocate for rigorous security practices in the space. Before joining The Block, Vishal held positions at IDG ComputerWorld, CIO, and Crypto Briefing. He can be reached on Twitter at @vishal4c and via email at [email protected]