DeFi Platform Balancer Hacked, $500K Vanished

Today, an unidentified user hacked Balancer, a decentralized finance (DeFi) liquidity platform. The attackers reportedly managed to steal 500,000 US Dollar worth of Ethereum and other altcoins.

Balancer confirmed that on June 29, a hacker stole from them. It affected two pools containing transfer fees, also known as deflationary tokens.

A report laid the steps on how the hacker did the attack. They’ll take a flash loan in Ethereum from the non-custodial exchange dYdX. Then they would convert them to Wrapped Ethereum. They will trade more of the WETH and STA tokens, seeping the STA balance from the pool. Then as the balance is close to zero, ”its price is extremely high; the attacker can now use STA to swap for other assets extremely cheaply,” the platform stated.

Mike McDonald, Balancer’s Co-founder and Chief Technology Officer, owned responsibility for what happened today.

Defi Platform Hacked Tweet 1

$500K Stolen as an Attacker Hacked DeFi Platform

Reports started to circulate through social media that a DeFi platform was hacked. According to The Block’s Steven Zheng, the news initially spread via Telegram. An admin of a Telegram group observed that there was an issue with Balancer, a DeFi platform.

Defi platform Hacked Tweet 2

 

Several hours after Zheng’s tweet, 1inch and Mike McDonaldconfirmed the incident.

Moreover, 1inch broke down the situation and Zheng turned out correct. The hacker stole more than $500,000 worth of Ethereum and other altcoins amidst the attack. 1inch’s research found out that the attacker made use of a smart contract to manipulate the Balancer Pool.

To contextualize it, the incident was a byproduct of the STA’s built-in deflation. The token has an algorithm that  “ensure that 1% of the amount transacted is destroyed for every transaction.”

1inch said that the hacker was a smart and very sophisticated contract engineer. Accordingly, the hacker has extensive knowledge of the leading DeFi protocols. The authority has failed to identify the hacker because they used an Ethereum mixer to modify their identity/ties.

Traders’ Sentiments

There are people wondering if there was some foul play in the incident. Ethereum Customer Support expressed their doubt on Twitter:

Defi platform hacked tweet 3

 

Furthermore, there are also worries regarding high transaction fees. BlockTown Capital’s Joseph Todaro said:

Defi hacked tweet 4