News Hacker stole $ 500,000 from Balancer's DeFi protocol


Jun 28, 2020
Reaction score
An unknown hacker managed to withdraw $ 500,000 in altcoins from the pool of the Balancer Labs DeFi project, using the vulnerability of a smart contract.

The Block was first reported by The Block researcher Stephen Zheng, citing a post on the Statera project’s Telegram channel. According to him, the unknown devastated the Balancer pool, which consists of, among other things, WETH and Statera (STA) tokens.


A few hours later, hacking was confirmed by Balancer Labs co-founder Mike MacDonald and representatives of the 1inch exchange . According to the latter, a vulnerability in a smart contract allowed an attacker to create a shortage of funds in pools.

“These funds were used to exchange WETH tokens for STA and back 24 times in a row, which allowed to empty the STA balance in the pool. Each time the attack organizer exchanged WETH for STA, the Balancer pool received 1% less STA than expected, ”the company said.
The actions of the hacker were based on the operation of the STA deflation mechanism, due to which 1% of each transaction in the network is destroyed. As a result, he managed to withdraw WETH, WBTC, SNX, and LINK tokens in the amount of ~ $ 500,000.

To hide the traces, the attacker used the Tornado Cash Ethereum mixer. A 1inch statement said the hacker demonstrated deep knowledge of the leading DeFi protocols, making him an extremely gifted smart contract developer.

According to Coingecko, the market value of the STA has fallen by 70.7% over the past day. In the last hour alone, the token has fallen in price by 28.9%.

In a subsequent tweet, Stephen Zheng cited a screenshot of a message from Telegram in which one of the users suggested going to court with a class action lawsuit against Balancer Labs.


Recall that last week Balancer issued its own management token on the Ethereum core network. The coin on the first day of trading showed significant growth.
Top Bottom