
Balancer Says Code Exploit, Batched Swaps the Root Cause of $116M Hack


The team behind the decentralized finance (DeFi) protocol Balancer released a preliminary post-mortem report on Wednesday, which detailed the cause of the exploit that siphoned $116 million into the DeFi markets.

Balancer was hit by a sophisticated code exploit on Monday that affected Balancer v2 Stable Pools and Composable Stable v5 pools, while all other pool types were not affected, according to the report.

The hacker used a combination of BatchSwaps, which allow users to bundle several actions in a single transaction, including flash loans – short-term loans borrowed and repaid in the same transaction – and an exploitation of the upscale rounding function that affects EXACT_OUT swaps in the Stable Pools.

Image source: Balancer

The rounding function is intended for rounding when token prices are an input. However, the hacker was able to manipulate these rounding values, and in conjunction with the BatchSwap function, remove funds from stable pools. The team wrote:

“In many cases, the exploited funds remained in the Vault as internal balances before being withdrawn in subsequent transactions.”

The hack serves as a reminder that hot wallets, liquidity pools and onchain funds exposed to the internet are vulnerable to evolving cybersecurity threats from hackers, prompting crypto users and blockchain developers to practice prudence in the protection of funds.


Balancer responds to the $116 million hack with the help of the crypto industry

The hacker is probably a skilled professional who prepared for months before executing the attack, using a series of 0.1 Ether (ETH) Tornado Cash deposits to fund the attack and avoid detection, Cointelegraph previously reported.

Balancer worked with cybersecurity partners and crypto protocols to seize or freeze a portion of the stolen funds, including 5,041 StakeWise Staked ETH (osETH), valued at approximately $19 million, and 13,495 osGNO tokens valued at $2 million.

Image source: BitFinding

The team has paused all affected pools and disabled the creation of new “vulnerable” pools until the security issue is resolved.

Balancer is offering a 20% white hat reward to ethical hackers and to the perpetrator for the return of the stolen funds, but no one had claimed the reward as of this writing.
