Balancer, an Ethereum automated market maker and decentralized finance protocol, was hacked for roughly $900,000 on Aug. 27, the protocol acknowledged on X (previously Twitter), just days after exposing a vulnerability that affected many pools.

Meier Dolev, a blockchain security expert, has discovered an Ethereum address reportedly linked to the attacker.

Following the exploit, the address received two Dai stablecoin payments valued $636,812 and $257,527, bringing its total amount to more than $890,000.

"Balancer is aware of an exploit related to the vulnerability below," the protocol's team wrote on X, adding that while recent mitigation steps had greatly decreased risks, vulnerable pools could not be halted. "To prevent further exploits, users must withdraw from affected LPs," it suggested.

On August 22, Balancer first highlighted a major vulnerability impacting its boosted pools, advising users to remove funds from liquidity providers (LPs) and pause pools to avoid any damage.

Assets on Ethereum, Polygon, Arbitrum, Optimism, Avalanche, Gnosis, Fantom, and zkEVM were at risk.

Only 1.4% of its entire assets were at risk on the day of the vulnerability discovery, representing approximately $5 million in asset exposure. On August 24, at least $2.8 million — 0.42% of its total locked value — remained at danger. Balancer issued the following warning to its users on X:

“We believe funds in the mitigated pools (labeled ‘mitigated’) are safe, but nevertheless strongly recommend timely migration to safe pools, or withdrawal. Pools that could not be mitigated are labeled ’at risk’. If you are an LP in any of these pools, please exit immediately.”

Sources:

https://cointelegraph.com/news/balancer-exploited-900k-after-vulnerability-warning

https://twitter.com/Meir_Dv/status/1695786374186549540/photo/1

https://etherscan.io/address/0xB23711b9D92C0f1c7b211c4E2DC69791c2df38c1#tokentxns

https://forum.balancer.fi/t/vulnerability-found-in-some-pools/5102?u=endymionjkb