DeFi liquidity provider on Stake Hacker Drained $500k of Balancer

by ImmuneBytes

A balancer is a non-custodial portfolio manager, supplier of automatic liquidity, and price sensor. Balancer, which comes under top DeFi projects as per crypto news, is a product of Balancer Labs and runs liquidity pools that allow users to automatically execute token swaps. This Ethereum-based project acknowledged the attack, acknowledging that the crypto community had been warned of the unintended consequences of deflationary tokens.

Details of Hack

A total of 2 Balancer pools have been targeted, using identical complex transactions. The hacker built a complex smart contract on Ethereum’s mainnet and thus took advantage of the visibility in the DeFi model for the transfer fee. This hacker specifically used the smart contract to automate multiple DeFi acts within a single execution. After taking a 104 K WETH flash loan from dYdX, the attacker switched back and forth WETH to STA token 24 times to drain the pool balance and leave it at an incredibly low balance of 1 weiSTA. The balancer pool received 1 percent less STA each time the swap was executed than it should have. Next, the intruder repeatedly converted 1 weiSTA to WETH. 

Due to the introduction of the STA token transfer fee, the pool never obtained the STA but nonetheless issued WETH. 

Similarly, the token balances WBTC, SNX, and Connect were drained from the tank. The attacker then repaid the flash loan, by depositing a few weiSTAs and quickly increased its share in the Balancer Pool. Lastly, the intruder used Uniswap V2 to convert to 136 K STA collected Balancer Pool tokens before converting the STAs to 109 WETH. 

After the attack, the balancer team quickly delisted its protocol from its site, but they couldn’t do it at contract level because they didn’t have authority to do so, as told by the team. By doing delisting at contract level, they could have stopped people from investing their money on vulnerable protocol. Balancer team said in this post that they were not aware that the vulnerability can be exploited in this way. Hex capital said that they submitted the same bug in the bug bounty program but the balancer didn’t acknowledge it.

Post-Hack Actions

Subsequent to the incident, Balancer said it would start adding ‘transfer fee’ tokens to its UI blacklist; the list was expected to be non-exhaustive with the potential of adding new tokens at any time. Additionally, the protocol developed by Ethereum would increase the available data on the risks involved in running Balancer Pools. Also, reimbursement was provided to those affected by the attack as said by the Balancer Labs.

More on the thought process that the Balancer Labs team went through to decide on reimbursing all the liquidity providers who lost funds in yesterday’s incident.

Thank you to all community members who gave essential input to us reaching this decision.

The protocol underwent two full audits, with a third planned as part of testing processes to improve its efficacy in the DeFi markets as crypto arbitrage increases.

Highlights of hack

  1. Balancer lost $520k in the hack.
  2. Hacker made use of an identical smart contract as the original.
  3. Post hack, two full audits of protocol were performed.

Conclusion

We read above that balancer labs were acquainted with the vulnerability in their protocol and  ignorance of the same  had led to repercussions with huge loss in money. Considering this,it is recommended to go for a security audit. It has tremendous importance else consequences can be huge.

We are here to help you if you are in search of Smart Contract Auditors.

Reach out to us team@immunebytes.com 

Spread the love

You may also like