Balancer, an Ethereum-based decentralized finance (DeFi) protocol, is warning users to avoid its website after an apparent attack on its frontend interface.
On September 19th, Balancer notified its community around 11:49pm UTC to stop interacting with its user interface until further notice. The details of the attack are still under investigation.
While Balancer has not officially confirmed if user funds were impacted, contributor Cosme Fulanito has reportedly stated that Balancer’s vault remains “100% fine.” However, blockchain security firms estimate that at least $238,000 in crypto has been stolen so far.
Some users have reported being prompted to approve malicious contracts that drain their wallets when visiting the Balancer website. As one industry expert explained: “If you open the website it asks you to change the chain, where you hold the most amount of money. After that scam transaction is sent, after confirmation money are gone. Don’t open the website!!!”
Currently, users attempting to access the Balancer website are met with a warning sign to avoid interaction.
This is the second attack on Balancer in less than a month. On August 22nd, it warned of a critical vulnerability, which was exploited days later with an estimated $2 million loss.
While mitigation measures were taken, affected pools could not be paused, forcing Balancer to advise users to withdraw liquidity provider funds to prevent further exploits.
The repeated attacks highlight the risks still posed by vulnerabilities in DeFi protocols, even for reputable platforms like Balancer. Users are advised to exercise extreme caution until Balancer can confirm its website is secure.
