balancer.fi

SlowMist: balancer.fi is currently under a BGP hijacking attack

ChainCatcher news: according to SlowMist Intelligence, balancer.fi is currently under a BGP hijacking attack. Accessing the website and connecting a wallet may result in a phishing attack. According to Cloudflare's BGP Origin Hijack-17957, the list of victim ASNs includes AS13335, which is associated with balancer.fi. Currently, accessing the website triggers a phishing security warning from Cloudflare.

Here is the analysis of this incident by the SlowMist security team:

1. Query the DNS resolution records of the domain balancer.fi (https://bgp.tools/dns/balancer.fi). The A records show addresses 104.21.37.47 and 172.67.203.244. The BGP AS number for these two IP addresses is AS13335, which belongs to Cloudflare.
2. According to Cloudflare's records (https://radar.cloudflare.com/routing/anomalies/hijack-17957), AS13335 is on the list of ASes involved in the BGP Origin Hijack attack.
3. The HTTPS certificate for balancer.fi was found to have been replaced with the attacker's certificate.
4. Currently, accessing https://app.balancer.fi triggers a phishing security warning from Cloudflare.
5. Analysis shows that there is malicious JavaScript code on the frontend of app.balancer.fi (https://app.balancer.fi/js/overchunk.js).
6. Users who connect their wallets to app.balancer.fi will have their balances automatically checked by the malicious script, leading to phishing attacks.
7. After analysis by MistTrack, the malicious addresses are as follows:

0x00006DEAcd9ad19dB3d81F8410EA2B45eA570000
0x645710Af050E26bB96e295bdfB75B4a878088d7E
0x0000626d6DC72989e3809920C67D01a7fe030000

The SlowMist security team reminds users that the BGP attack against balancer is still ongoing, and that they should temporarily stop accessing the balancer website to avoid being attacked.
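The origin check from the first two analysis steps (the A records should be originated by AS13335) can be run continuously against a route feed. This is an added example, not code from SlowMist or ChainCatcher; it generalizes the check to more-specific and multiple-origin announcements. The announcement list and its prefixes are constructed assumptions, and AS64496 is a documentation ASN standing in for an unexpected origin.

```python
import ipaddress

# From the article: A records of balancer.fi and the AS expected to originate them.
A_RECORDS = ["104.21.37.47", "172.67.203.244"]
EXPECTED_ORIGIN = 13335

# Constructed (prefix, origin ASN) announcements, as a route collector might report.
# The prefixes are assumptions; AS64496 is a documentation ASN (RFC 5398).
ANNOUNCEMENTS = [
    ("104.16.0.0/13", 13335),
    ("172.64.0.0/13", 13335),
    ("104.21.37.0/24", 64496),  # more-specific route with a different origin
]


def preferred_origins(ip, announcements):
    """Return (prefix, origins) for the longest prefix covering ip.

    Routers forward on the longest match, so a more-specific announcement
    overrides the legitimate covering route. Several origins on the same
    prefix (MOAS) are all returned.
    """
    addr = ipaddress.ip_address(ip)
    covering = [(ipaddress.ip_network(p), asn) for p, asn in announcements]
    covering = [(net, asn) for net, asn in covering if addr in net]
    if not covering:
        return None, set()
    best = max((net for net, _ in covering), key=lambda n: n.prefixlen)
    return best, {asn for net, asn in covering if net == best}


def origin_anomalies(ips, announcements, expected):
    """List (ip, prefix, unexpected_origins) for every address worth an alert."""
    findings = []
    for ip in ips:
        prefix, origins = preferred_origins(ip, announcements)
        unexpected = sorted(origins - {expected})
        if prefix is None:
            findings.append((ip, None, []))  # no covering route at all
        elif unexpected:
            findings.append((ip, str(prefix), unexpected))
    return findings


if __name__ == "__main__":
    for ip, prefix, origins in origin_anomalies(A_RECORDS, ANNOUNCEMENTS, EXPECTED_ORIGIN):
        print(f"{ip}: best route {prefix} originated by AS{origins}, expected AS{EXPECTED_ORIGIN}")
```

An origin mismatch is a signal to then compare the served TLS certificate against the known-good one, as in the third analysis step.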