Balancer, an automated market maker and decentralized finance protocol on the Ethereum network, has confirmed a security breach resulting in a loss of approximately $900,000. This incident occurred shortly after the disclosure of a vulnerability that impacted multiple pools within the protocol. Balancer had identified the vulnerability in enhanced pools that contained assets exposed to risks across various ecosystems such as Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM. As a precautionary measure, Balancer urged users to transfer their funds to secure pools.

The exploit came to light when blockchain security expert Meier Dolev uncovered an Ethereum address believed to belong to the attacker. Following the breach, the address received two transfers of Dai stablecoins, amounting to $636,812 and $257,527, respectively. Consequently, the total balance of the address surpassed $893,978.

The Balancer protocol team acknowledged the existence of the exploit and the associated vulnerability. While they implemented measures to mitigate the risks, they stated that the affected pools could not be paused. Consequently, users were advised to withdraw their assets from the affected pools to prevent further exploits.

Balancer: Immediate Withdrawal Warning for Your Assets

Balancer recently made a significant announcement regarding a critical security vulnerability that impacted their enhanced pools. The disclosure, made on August 22, urged users to withdraw their funds from liquidity providers (LPs) and pause pools in order to minimize potential damages. The vulnerable assets were spread across various ecosystems, including Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM.

At the time of the vulnerability’s discovery, only 1.4% of the total assets were deemed at risk, amounting to a potential loss of over $5 million. As of August 24, approximately $2.8 million, or 0.42% of the total locked value, remained susceptible to the vulnerability. In response, Balancer issued a stern warning to users:

“While we believe that funds in mitigated pools are secure, we strongly advise promptly migrating to safe pools or withdrawing your assets. Unmitigated pools are specifically labeled as ‘at risk.’ If you are an LP in any of these pools, we urge you to exit immediately.”

Last year in June, the protocol underwent a transition to the Optimism network, aiming to improve user functionality and reduce fees.