Balancer V2 Suffers $128M DeFi Exploit Due to Smart Contract Flaw

Balancer V2, a prominent automated market maker, experienced a significant data breach resulting in the loss of $128 million in digital assets. The vulnerability in the V2 vault allowed an attacker to manipulate internal calls and drain funds from liquidity pools. Despite multiple audits, the exploit occurred, highlighting the challenges in securing composable DeFi systems. Users are urged to withdraw funds from affected pools and revoke smart contract approvals. The BAL token value dropped, and the total value locked decreased sharply.

Latest mentioned: 11-05

Earliest mentioned: 11-03

Sources

checkpoint.com bleepingcomputer.com thecyberexpress.com cybersum.net

Also Read

Kimsuky and Lazarus Deploy New Malware in Cyber Espionage

The Kimsuky group has been found using a new backdoor called HttpTroy, while the Lazarus Group has deployed an upgraded BLINDINGCAN RAT. Both campaigns show advanced obfuscation and persistence techniques, targeting victims in multiple regions. The Kimsuky attack used a phishing email with a VPN invoice lure, leading to a multi-stage infection. The Lazarus Group's attack, detected mid-chain, involved a new Comebacker variant and targeted two victims in a country.

11-04Read more →