Balancer's Annual Security Incident Review: Total losses exceed $21 million due to attacks such as Flash Loans, front-end hijacking, and cross-protocol vulnerabilities.

On November 3, the DeFi protocol Balancer is currently under attack, with losses exceeding $116.6 million across multiple chains, and the attack on Balancer is still ongoing. According to the on-chain AI analysis tool CoinBob (@CoinbobAI_bot)), the historical security incidents of Balancer are as follows: · June 2020 Flash Loan Attack: The attacker exploited the compatibility issue between the deflationary tokens (STA/STONK) and Balancer's smart contracts, clearing the liquidity pool by repeatedly calling swapExactAmountIn, ultimately profiting $523,600. · August 2023 V2 Pool Vulnerability: Balancer V2 Pool suffered multiple flash loan attacks due to a code vulnerability, with total losses reaching $2.1 million. The team urgently suspended the affected pools and advised users to withdraw their funds, but some funds that were not withdrawn in time were still exploited. · September 2023 Frontend Hijacking Attack: Hackers gained control of Balancer's frontend through BGP/DNS hijacking, misleading users into authorizing malicious contracts, resulting in a loss of $238,000. On-chain detective ZachXBT tracked the fund flow to address 0x645710Af050E26bB96e295bdfB75B4a878088d7E. · 2023 Euler Incident Impact: Due to a vulnerability in Euler Finance, Balancer's bbeUSD pool suffered a loss of $11.9 million, accounting for 65% of the pool's TVL. The team took protective measures to limit liquidity withdrawals. · 2024 Velocore Attack Association: The Velocore vulnerability involved Balancer-style CPMM pools, resulting in a loss of $6.8 million. Balancer's technical architecture was indirectly implicated due to cross-protocol integration.