Balancer’s V2 Composable Stable Pools Vulnerability
Balancer’s V2 composable stable pools have been compromised by a vulnerability, as confirmed by an announcement from Balancer’s official account on the social media platform X. The issue was detected on November 3 at approximately 15:48 UTC+8. In response, the Balancer team is actively collaborating with leading security experts to investigate the matter further and is expected to release a detailed analysis report shortly.
Impact on Stable Pools
These stable pools, which have been active on the blockchain for several years, are particularly susceptible due to many having surpassed the designated pause window duration. As a precaution, all pools capable of being paused have now been halted and are undergoing a recovery period. It is worth noting that this vulnerability specifically concerns the V2 composable stable pools, and Balancer V3, along with other pools, remain secure and unaffected.
Commitment to Security
Demonstrating a commitment to operational security, Balancer has previously engaged in audits with prominent firms and runs a long-standing bug bounty initiative to encourage independent audits. The team is also working in tandem with legal and security departments to prioritize user safety and ensure a thorough investigation.
User Advisory
Users are reminded to stay vigilant as a security advisory has noted instances of fraudulent communications pretending to be from Balancer’s security team. Such messages are not associated with Balancer, and users are strongly advised against engaging with unsolicited messages or clicking on unknown links.
The only source for official updates will be Balancer’s verified accounts on X and their Discord server, so users should be wary of information circulating from unofficial channels as it may be misleading. Balancer plans to keep the community informed as the investigation unfolds, providing regular updates with additional insights.
