After warning users several days prior that a critical vulnerability had been discovered in their protocol, the Balancer defi project has been drained of at least $900,000 in a series of exploits apparently taking advantage of the bug.
Balancer acknowledged the hack, writing on Twitter that “Balancer is aware of an exploit related to the vulnerability [disclosed on August 22]. Mitigation procedures have drastically reduced risks, but [we] are unable to pause affected pools.” They reiterated that users needed to withdraw funds from affected liquidity pools to prevent further thefts.
The blockchain researcher known on Twitter as MevRefund questioned why Balancer didn’t execute a whitehat attack on their own protocol to try to safeguard the vulnerable funds.
