The team behind Balancer, an Ethereum-based automated market maker, believes a social engineering attack on its DNS service provider was what led to its website’s front end being compromised on Sept. 19, leading to an estimated $238,000 in crypto stolen.
“After investigation, it is clear that this was a social engineering attack on EuroDNS, the domain registrar used for .fi TLDs,” the firm explained in a Sept. 20 X post.
Approximately eight hours after the first warning of the attack, Balancer said its decentralized autonomous organization (DAO) was actively addressing the DNS attack and was working to recover the Balancer UI.
At 5:45 pm UTC on Sept. 20, Balancer said it was successful in securing the domain and bringing it back under the control of Balancer DAO. It also confirmed its subdomains “app.balancer.fi” and “balancer.fi” are safe to use again.
After investigation it is clear that this was a social engineering attack on EuroDNS, the domain registrar used for .fi TLDs.
We are exploring deprecating the .fi TLD in order to move to a more secure registrar and suggest that other projects using the TLD do the same.
[2/2]
— Balancer (@Balancer) September 20, 2023
However, it suggested any other projects using the same top-level domain…
