Balancer Hack Results in Over $100M Loss, Dealing a Devastating Blow to the DeFi Industry
Original Article Title: "Veteran DeFi Compromised: Balancer V2 Contract Vulnerability, Over $110 Million in Assets Stolen"
Original Article Author: Wenser, Odaily Planet Daily
Editor's Note: Today, the DeFi protocol Balancer fell victim to a hack, with the stolen funds now exceeding $116 million. Several projects have taken remedial actions: Lido has withdrawn its unaffected Balancer position, while Berachain has announced a network halt to conduct an emergency hard fork to address the Balancer V2-related vulnerability on the BEX.
Furthermore, Hasu, the Strategic Director of Flashbots and a Strategic Advisor to Lido, expressed in a post that "Balancer v2 went live in 2021 and has since become one of the most closely watched and frequently forked smart contracts. This is very concerning. Every time a contract that has been live for so long gets hacked, it sets DeFi adoption back by 6 to 12 months." The following is the original content:
On November 3, the veteran DeFi protocol Balancer was reported to have over $70 million in assets stolen. Subsequently, this news was confirmed by multiple parties, and the size of the stolen funds continued to grow. At the time of writing, the amount of assets stolen from Balancer had increased to over $116 million. Odaily Planet Daily will briefly analyze this incident in this article.
Balancer Hack Details: Loss Exceeds $116 Million, Mainly Due to v2 Pool Smart Contract Flaw
According to on-chain information, the Balancer attacker has now stolen over $116 million in assets, with the main stolen assets including WETH, wstETH, osETH, frxETH, rsETH, rETH, spread across multiple chains such as ETH, Base, Sonic, etc., where:
· Assets stolen on the Ethereum chain: approximately $100 million;
· Assets stolen on the Arbitrum chain: nearly $8 million;
· Assets stolen on the Base chain: nearly $3.95 million;
· Assets stolen on the Sonic chain: over $3.4 million;
· Assets stolen on the Optimism chain: nearly $1.57 million;
· Polygon On-Chain Asset Theft: Approximately $230,000.

Crypto KOL Adi posted that initial investigations indicate that the attack primarily targeted Balancer's V2 vault and liquidity pool, exploiting a vulnerability in smart contract interactions. On-chain investigators pointed out that a maliciously deployed contract manipulated the Vault call during pool initialization. Improper authorization and callback handling allowed the attacker to bypass protective measures, enabling unauthorized swaps between interconnected liquidity pools or balance manipulation, resulting in a rapid asset theft within minutes.
Based on the available information, there is no evidence of private key exposure; this is purely a smart contract vulnerability.
Audit firm kebabsec auditor and citrea developer @okkothejawa also mentioned, "The check error mentioned by @moo9000 may not be the root cause, as in all 'manageUserBalance' calls ops.sender == msg.sender. The security vulnerability may have occurred in a transaction prior to the creation of the contract that extracts assets, as it led to some state changes in the Balancer vault."
Balancer's official response stated: "Our team is aware of a potential vulnerability affecting Balancer v2 pools. Our engineering and security teams are actively conducting a high-priority investigation. Once we have more information, we will immediately share verified updates and next steps."
Berachain, which faces potential asset loss risks, also promptly responded. Following a post by the Berachain Foundation, Berachain founder Smokey The Bera stated, "The Bera node group has proactively paused the public chain operation to prevent the Balancer vulnerability from affecting the BEX (mainly the USDe three-pool).
· Instruct Ethena team to disable Bera bridging
· Disable/Suspend USDe deposits in the lending market
· Suspend HONEY token minting and exchange
· Communicate with CEXs and ensure hacker addresses are blacklisted
Our goal is to recover the funds as quickly as possible and ensure the safety of all LPs. The Berachain team will immediately release binaries to relevant node validators and service providers once ready (as this pool contains non-native assets, it involves some slot reconfiguration, not just modifying the Bera token balance)."
Balancer Attacker On-chain Information: https://intel.arkm.com/explorer/entity/cd756cb8-6a84-4f40-9361-f6c548544430
Balancer Hack: Cryptocurrency Whale Most Nervous
As a well-established DeFi protocol, Balancer's users are undoubtedly the most directly affected by this hack. For current users, actions that can be taken include:
· Withdraw funds from Balancer v2 pools to prevent further losses;
· Revoke Authorization: Use Revoke, DeBank, or Etherscan to revoke smart contract permissions from the Balancer address to avoid potential security risks;
· Stay Vigilant: Keep a close eye on the Balancer attacker's next moves and whether they will have a cascading impact on other DeFi protocols.
Additionally, a dormant cryptocurrency whale that has been inactive for 3 years has drawn attention in this hack.
According to LookonChain monitoring, a 3-year dormant crypto whale with the address 0x009023dA14A3C9f448B75f33cEb9291c21373bD8 has suddenly awakened after the Balancer platform vulnerability occurred. The whale is eager to withdraw its $6.5 million related assets from Balancer. On-chain information: https://intel.arkm.com/explorer/address/0x009023dA14A3C9f448B75f33cEb9291c21373bD8
Latest Development: Hacker Initiates Token Exchange Pattern
According to on-chain analyst Yu Jin's monitoring, the hacker of the Balancer hack has begun attempting to exchange many liquidity-staked tokens (LST) for ETH. Previously, the hacker exchanged 10 osETH for 10.55 ETH.
On-chain data shows that the hacker is continuously exchanging stolen assets across multiple chains for ETH, USDC, and other assets using the Cow Protocol. Currently, the hope of recovering these stolen assets seems slim.

In the future, whether Balancer can promptly identify the protocol contract vulnerability and recover the stolen assets quickly, or provide a corresponding solution, Odaily will continue to follow up.
You may also like
Circle CEO responds to OUSD's challenge: Stablecoins are a winner-takes-all business, and we will not slow down
Argentina vs Cape Verde: When a Record-Breaking Legend Meets an Unbreakable Underdog
WEEX exclusive pre-match analysis of Argentina vs Cape Verde, exploring Messi-led Argentina’s dominance and Cape Verde’s historic defensive breakout, with a breakdown of volatility, structure, and match dynamics.
How does Gate redo "buying and selling stocks" from the cryptocurrency world to the stock market?
Former ByteDance employee's account: How I started with two Pinduoduo hard drives and made six times the profit with Seagate to achieve financial freedom?
Visa and Mastercard join 140 giants to launch a new stablecoin, but the impact on the market landscape may still be limited
WEEX Launches Depth Chart for Spot Trading
MiCA reshuffle begins, Binance temporarily bids farewell to the EU
Raising interest rates to protect STRC and selling coins to maintain credit, this time the strategy has chosen the two most expensive paths
Morning Report | Samsung announces a 265.5 trillion won investment plan, focusing on semiconductor and AI computing power data centers; Vitalik publishes an article detailing the entire technology tree behind the confusion protocol (iO) mainline
In the era of AI, what is left of Bitcoin?
NeoSoul announced plans to integrate with the OKX Agentic Wallet, promoting AI agents' participation in the on-chain economy
Why Is Bitcoin Lagging Stocks in 2026? AI Stocks, ETF Outflows, and the Nasdaq Rally Explained
What you bought on CEX is really not US stocks: Analyzing the 94% liquidation monopoly and the evaporation of equity under a five-layer pipeline
In such a crowded cross-border payment arena, where is the next stop for the future?
Why Is Bitcoin Down in 2026? What We Can Learn From 2022
The large models in the United States are moving towards closure in the name of security
From the white-haired stock god to the billionaire fund mogul, the smart people shorting Nvidia are all getting rich using the same framework
Morning Report | CoinEx becomes a key hub for Iran to evade sanctions, involving over $3.8 billion in funds; Kalshi seeks a new round of financing, with a valuation potentially rising to $40 billion
Circle CEO responds to OUSD's challenge: Stablecoins are a winner-takes-all business, and we will not slow down
Argentina vs Cape Verde: When a Record-Breaking Legend Meets an Unbreakable Underdog
WEEX exclusive pre-match analysis of Argentina vs Cape Verde, exploring Messi-led Argentina’s dominance and Cape Verde’s historic defensive breakout, with a breakdown of volatility, structure, and match dynamics.
