Posted:
- The phishing group AngelDrainer was part of the Balancer attack.
- The number of transactions declined due to the attack.
After several hours, the Balancer team officially declared that they have successfully regained control of the previously compromised domain.
Read Balancer (BAL) Price Prediction 2023-24
Balancer regains control
On 20 September, just hours following the initial attack, the Balancer team made an official announcement. They confirmed the restoration of security and control over their website.
According to the team’s statement, the attack was due to social engineering targeting EuroDNS, the domain registrar they were using. Furthermore, they disclosed their intention to transition to a more secure registrar.
How the Balancer attacker gained access and moved funds
MistTrack provided a detailed breakdown of the Balancer attacker’s operation. According to MistTrack, the attack was reportedly orchestrated by a phishing group known as AngelDrainer, which also supplied the fee.
The attacker initiated the assault through BGP hijacking, subsequently convincing users to “approve” transactions and transfer funds using the “transferFrom” function.
🚨Balancer Hack Update🚨
So far, we have the following findings about the @Balancer exploiter:
1/ The attacker’s fee came from the phishing group #AngelDrainer. In other words, after the attacker (AngelDrainer) attacked the website via BGP hijacking, then induced users to… https://t.co/5g6P2aPEz8 pic.twitter.com/3PInfe9VC1
— MistTrack🕵️ (@MistTrack_io) September 20, 2023
Furthermore, the attacker executed a bridging operation from ETH to BTC addresses via THORChain and later reversed the process back to the Ethereum network. Additionally, as per the initial report, the Balancer attacker successfully absconded with more than $200,000.
As of this writing, the Balancer team has not announced if the funds can be regained or how they intend to go about it.
Impact on transactions and TVL
Analyzing the data on DeFiLlama, it was evident that the recent hack did not have a significant impact on Balancer’s Total Value Locked (TVL), in contrast to the previous hacking incident.
At the time of this report, the TVL stood at approximately $705 million, and there was no apparent downward trend.
However, a noticeable decline was observed in the platform’s transaction activity. The average daily transaction count on the platform was around 1,500 transactions, but on 20 September, the day of the hack incident, it dropped to approximately 700 transactions.
Is your portfolio green? Check out the Balancer Profit Calculator
BAL falls to selling pressure
The daily timeframe chart of Balancer revealed that it concluded trading on 20 September with a price decline of over 1%. Furthermore, there was a notable surge in trading volume, primarily driven by selling pressure.
At the time of this update, Balancer was trading with a modest profit of less than 1%, hovering around $3.2. Additionally, it remained entrenched in a bearish trend, as evidenced by its Relative Strength Index (RSI).