Balancer regains domain control after DNS attack, weighs registrar switch

The attack prompted the Balancer team to issue a public notice advising users not to interact with the platform’s user interface on Tuesday

article-image

Harvepino/Shutterstock, modified by Blockworks

share

Decentralized finance liquidity protocol Balancer said Wednesday it has regained control over its domain after a DNS attack on Tuesday left its user interface compromised. 

Balancer, in a statement on social media, said its “domain is now secure and back under the control of the Balancer DAO.”

The attack prompted the Balancer team to issue a public notice advising users not to interact with the platform’s user interface while they continued to investigate the incident. 

Balancer attributed the attack to social engineering tactics executed on EuroDNS, a domain registrar for the .fi top-level domain (TLD). Balancer is exploring the deprecation of the .fi TLD in favor of a more secure domain registrar, and is recommending others follow suit.

The “.fi” TLD is the country code specifically designated for Finland. Like other country-code TLDs such as “.uk” for the United Kingdom or “.au” for Australia, “.fi” is primarily intended for entities located within or associated with the designated country.

Blockworks has reached out to learn more, but has yet to receive a response.

Crypto analyst ZachXBT on Tuesday disclosed that stolen funds from the platform were being routed to a specific Ethereum address. The theft reportedly totaled approximately $238,000. 

The attack also triggered fluctuations in the value of Balancer’s native token (BAL), sending the token down by 3.2% from a daily high of $3.44 to $3.27 on Tuesday. The asset has since fallen a further 1.2% to $3.23 on the day.

Balancer’s security incident is the latest in a series of setbacks for the protocol. The platform faced a similar exploit targeting its liquidity pools last month. 

Constructed on the Ethereum blockchain network, Balancer serves dual roles as an automated market maker and a liquidity facilitator. This enables users to conduct token trades directly through its liquidity pools, eliminating the necessity for a conventional order book.


Get the news in your inbox. Explore Blockworks newsletters:

Tags

Decoding crypto and the markets. Daily, with Byron Gilliam.

Upcoming Events

Javits Center North | 445 11th Ave

Tues - Thurs, March 24 - 26, 2026

Blockworks’ Digital Asset Summit (DAS) will feature conversations between the builders, allocators, and legislators who will shape the trajectory of the digital asset ecosystem in the US and abroad.

recent research

Monad SR Report Graphic.png

Research

Monad is a new Layer 1 blockchain designed as a high performance, EVM-compatible platform.

article-image

Engineers from MetaMask, Coinbase, Google, and the Ethereum Foundation make the case for onchain AI agents via ERC-8004

article-image

Legacy payments firm partners with Anchorage Digital to issue a dollar-pegged token under new US stablecoin law

by Blockworks /
article-image

As Solana ETFs launch but network REV trends lower, Jito sits at the intersection of new capital inflows and microstructure improvements

article-image

The Truth Social parent will integrate Crypto.com Derivatives North America, allowing users to trade prediction contracts under federal oversight

by Blockworks /
article-image

Partnership surpasses $2 billion in staked assets and adds support for new Proof-of-Stake networks

by Blockworks /
article-image

The tokenization leader will merge with Cantor Equity Partners II, becoming the first public firm focused on securities tokenization

by Blockworks /