Key Takeaways
- The Ethereum-based DeFi protocol Balancer was exploited on November 3, resulting in losses exceeding $70 million.
- Attackers drained multiple liquidity pools and moved funds into a single new wallet within minutes.
- This marks Balancer’s third major breach since 2020, raising renewed questions about DeFi security.
The decentralized finance (DeFi) protocol Balancer, one of Ethereum’s most established automated market makers (AMMs), suffered a major exploit on November 3, resulting in losses of nearly $116.9 million.
Another Blow to DeFi Security: What Happened?
On-chain data shows that multiple Balancer liquidity v2 pools were drained in rapid succession, with the stolen tokens quickly transferred to a newly created wallet controlled by the attacker.
The root cause was a faulty access control check in Balancer V2’s manageUserBalance function, specifically in _validateUserBalanceOp.
This allowed the attacker to:
- Supply a malicious op.sender parameter, bypassing permission checks.
- Trigger unauthorized internal balance withdrawals from vaults without proper authorization.
- Exploit boosted pools holding staked Ether derivatives.
The vulnerability affected older V2 forks, potentially exposing more than $60 million in downstream protocols.
The attack likely involved flash loans or scripted transactions to amplify drains across chains. Balancer’s team confirmed the issue impacts V2 pools and is investigating, urging users to revoke approvals and avoid interactions.
Total Assets Lost: $117 Million
According to blockchain trackers, the drained assets had reached $116.9 million by the time of writing.
The swift execution of the transfers suggests the attacker had a deep understanding of Balancer’s smart contracts, potentially exploiting a flaw in how the platform handles swaps or manages pool balances.
Balancer did not immediately respond to a request for comment.
Balancer Reacts, Community on Edge
Hours after the hack, Balancer’s team acknowledged the exploit and said they are actively monitoring the issue. They also assured the community that they would provide timely updates.
Blockchain analysts have advised users to refrain from interacting with Balancer pools until more information is released, warning that additional vulnerabilities may still be present.
Meanwhile, Balancer’s native token (BAL) dropped over 8% intraday , mirroring investor unease and highlighting how quickly sentiment can shift when transparency is absent in the wake of a major hack.
A Familiar Pattern
This is not Balancer’s first encounter with hackers. In fact, the platform has now suffered three major security incidents in five years — an unsettling record for one of DeFi’s longest-running protocols.
The latest $117 million attack dwarfs those previous incidents, making it Balancer’s most severe exploit to date and one of the largest DeFi hacks of 2025.
Ongoing Investigation
Security researchers and DeFi auditors are still analyzing the exploit’s technical vector.
Early evidence indicates a smart contract vulnerability that enabled the attacker to manipulate swaps or imbalances across multiple pools — a recurring weakness in complex AMM protocols.
At the time of writing, no funds had been recovered, and the attacker’s wallet remains active on Ethereum.
Recommended Secure Partners
Read More: Balancer’s Largest Hack Yet — $117M Gone, Threat Still Active