Blockchain security firms SlowMist and CertiK also believe the crypto wallet drainer, Angel Drainer, was involved in the estimated $238,000 exploit.
Source: https://cointelegraph.com/news/balancer-social-engineering-attack-dns-provider-frontend-hijack