-

Author: AZC.News

Balancer blames ‘social engineering attack’ on DNS provider for website hijack

Blockchain security firms SlowMist and CertiK also believe the crypto wallet drainer Angel Drainer was involved in the estimated $238,000 exploit.

Balancer Blames ‘social Engineering Attack’ On Dns Provider For Website Hijack_65b96d1f9a8d0.jpeg

The team behind Balancer, an Ethereum-based automated market maker, believes a social engineering attack on its DNS service provider was what led to its website’s frontend being compromised on Sept. 19, leading to an estimated $238,000 in crypto stolen.

“After investigation, it is clear that this was a social engineering attack on EuroDNS, the domain registrar used for .fi TLDs,” the firm explained in a Sept. 20 X post.

Approximately 8 hours after the first warning of the attack, Balancer said its decentralized autonomous organization (DAO) was actively addressing the DNS attack and was working to recover the Balancer UI.

At 5:45 pm UTC on Sept. 20, Balancer said it was successful in securing the domain and bringing it back under the control of Balancer DAO. It also confirmed its subdomains “app.balancer.fi” and other “balancer.fi” are safe to use again.

balancer blames social engineering attack on dns provider for website hijack 65b96d1f9d194

However, it suggested any other projects using the same top-level domain should consider moving to a more secure registrar.

EuroDNS is a Luxembourg-based domain name registrar and DNS service provider. Cointelegraph has reached out to EuroDNS for comment.

Angel Drainer involved

Blockchain security firms SlowMist and CertiK reported that the attacker employed Angel Drainer phishing contracts.

SlowMist said the exploiters attacked the Balancer’s website via Border Gateway Protocol hijacking — a process where hackers take control of IP addresses by corrupting internet routing tables.

The hackers then induced users to “approve” and transfer funds via the “transferFrom” function to the Balancer exploiter, it explained.

Related: Binance CEO refutes report on $250M loan to BAM Management

The hacker, whom SlowMist believes may be related to Russia, has already bridged some of the stolen Ether (ETH) to Bitcoin (BTC) addresses via THORChain before eventually being bridging the ETH back to Ethereum, blockchain security firm SlowMist explained on Sept. 20.

SlowMist stated in an earlier post that the hacker transferred about 15 wrapped-Ether (wETH.e) on the Avalanche blockchain.

balancer blames social engineering attack on dns provider for website hijack 65b96d20339ec

Meanwhile, despite Balancer confirming its subdomains, balancer.fi to now be safe, visits to the website still shows “Deceptive site ahead” warning when attempting to access the Balancer’s website.

Balancer’s website as of Sept. 20 at 10:22 pm UTC. Source: Balancer.

AZC News reached out to Balancer to confirm the amount of funds lost but did not receive an immediate response.

(100 votes)

    5.0/5

    (100 votes)

    Latest

    70% Of Bnb Chain Memecoin Investors Are In Profit

    News | Editor Choice | Memecoin 09/10/2025

    70% of BNB Chain Memecoin Investors Are in Profit – CZ’s “Meme Season” Is in Full Swing

    The memecoin wave on the BNB Chain is exploding, with over 70% of investors reporting profits as capital floods in — marking the start of the most vibrant “meme season” ever predicted by CZ.

    Paypay Acquires 40% Stake In Binance Japan

    News | Editor Choice | Policy & Regulations 09/10/2025

    PayPay Acquires 40% Stake in Binance Japan

    The acquisition of a 40% stake in Binance Japan marks a historic milestone for PayPay, paving the way for the convergence of traditional payments and digital assets, and shaping the future of Japan’s digital finance landscape.

    Bitcoin Boom Ahead Institutional And Derivatives Data Reveal

    News | Bitcoin | Editor Choice 09/10/2025

    Bitcoin Boom Ahead? Institutional and Derivatives Data Reveal

    Market experts believe that Bitcoin (BTC) is in a phase of accumulation rather than topping, predicting a retest before the next explosive breakout.

    Bnb Super Cycle – A Massive Rally Or Binance’s Next Big Bubble

    News | Altcoin | Editor Choice 08/10/2025

    BNB Super Cycle – A Massive Rally or Binance’s Next Big Bubble?

    Binance’s BNB token is heating up the crypto market with a series of new record highs, but amid the excitement of the so-called “Super Cycle,” many analysts warn it could just be a bubble waiting to burst.

    Bitcoin Cools Off After Record Breaking Rally

    News | Bitcoin | Editor Choice 08/10/2025

    Bitcoin Cools Off After Record-Breaking Rally

    After a series of record-breaking gains, Bitcoin suddenly slipped more than 2% on Tuesday afternoon as a wave of profit-taking spread and investor caution returned to the crypto market.

    Screenshot 2025 09 10 100533