DeFi’s Balancer Pool Hacker Drains Funds Worth About $500k

hack

DeFi’s Balancer Pool Hacker Drains Funds Worth About $500k

DeFi platform Balancer’s multi-token pools were under attack after a hacker drained about $500k worth of funds. 

Sophisticated Smart Contract Engineer Behind The Hack?

Decentralized Finance [DeFi] has been in the news lately following the launch of two prominent governance tokens from lending protocol Compound Finance as well as decentralized exchange Balancer. Compound’s COMP token was the first to hit the market and still has the entire DeFi space under its dominance.

While Balancer was also seen doing well, the platform revealed a recent glitch that it experienced. Balancer Labs revealed that an attacker had drained funds worth of about $500,000 from two pools that sustained deflationary tokens. The tokens in these pools were STA and STONK tokens.

Pools with the aforementioned tokens with transfer fees were reportedly the only ones to be affected by the hack. The platform’s co-founder, Mike McDonald elaborated on the same in a recent blog post.

A hacker reportedly carried this out via two different transactions. The hacker acquired a loan of 23 million USD worth of Ether from decentralized borrowing and lending platform dYdX. WETH, as well as STA, was further traded continuously for about 24 times in extensive volumes, causing the STA balance in the pool to plummet to a low of 0.000000000000000001 STA. Each time WETH was converted into STA the Balancer Pool gained 1 percent less STA than the conventional amount.

1inch, a DEX aggregator elaborated on the same in his Medium post and stated,

“As the next step, the attacker swapped 1 weiSTA to WETH multiple times. Due to STA token transfer fee implementation, the pool never received STA but released WETH regardless. The same step was repeated to drain WBTC, SNX and LINK token balances from the pool.”

Even though Balancer wasn’t aware of the possibility of such an attack, the platform claims to have warned the users about the “unintended effects ERC20s with transfer fees could have in the protocol.”

1inch believes that the attack was carried out by a “sophisticated smart contract engineer” who had immense knowledge about the DeFi space and its protocols. The stolen funds were further transferred to the address, 0xBF675C80540111A310B06e1482f9127eF4E7469A.

ETH
Source

Furthermore, Balancer suggested that the platform would be adding transfer fee tokens to the UI blacklist, more documentation pertaining to the working of the pools, and even concocted a 3rd audit that would take place before today.

Summary
DeFi's Balancer Pool Hacker Drains Funds Worth About $500k
Article Name
DeFi's Balancer Pool Hacker Drains Funds Worth About $500k
Description
DeFi platform Balancer's multi-token pools were under attack after a hacker drained about $500k worth of funds. 
Author
Publisher Name
CoinGape
Publisher Logo
Coingape is committed to following the highest standards of journalism, and therefore, it abides by a strict editorial policy. While CoinGape takes all the measures to ensure that the facts presented in its news articles are accurate.
Disclaimer The views, opinions, positions or strategies expressed by the authors and those providing comments are theirs alone, and do not necessarily reflect the views, opinions, positions or strategies of CoinGape. Do your market research before investing in cryptocurrencies. The author or publication does not hold any responsibility for your personal financial loss.
Author: Sahana Kiran

Sahana Kiran is a graduate in Political Science, Economics and Journalism. She is a full-time crypto writer at CoinGape and takes a keen interest in cryptocurrencies, especially Ethereum and Bitcoin. Even though she’s not a HODLER yet, she has eyes on Bitcoin.

Post your comment...
Sahana Kiran 87 Articles

Sahana Kiran is a graduate in Political Science, Economics and Journalism. She is a full-time crypto writer at CoinGape and takes a keen interest in cryptocurrencies, especially Ethereum and Bitcoin. Even though she’s not a HODLER yet, she has eyes on Bitcoin.

Follow Sahana @