Balancer, once trusted as one of the safest names in decentralized finance (DeFi), is now facing a major crisis after an exploit wiped out more than $116 million across several blockchain networks. What started as about $70 million in losses quickly grew as the attacker shifted funds between chains and converted much of it into Ethereum (ETH). In just an hour, Balancer — once known for its reliability — found itself added to the growing list of DeFi platforms hit by complex smart contract hacks.
According to blockchain analytics platform Lookonchain, the hacker started swapping stolen tokens for ETH shortly after the exploit began. “Note that the Balancer hacker is now swapping the stolen assets for $ETH,” Lookonchain reported. The total value of stolen funds surged to $116.6 million before activity began to slow. The attack mainly targeted wrapped ETH and other staked derivatives across multiple chains.
Vulnerability in Balancer V2 pools
Balancer confirmed the incident on X, acknowledging a “potential exploit impacting Balancer v2 pools.” The team said its engineers and security experts were “investigating with high priority” and would share verified updates as soon as possible. The statement, however, did little to calm investors as withdrawals surged across integrators and protocol forks.
Blockchain investigators identified that the exploit stemmed from a flaw in Balancer’s smart contract interactions. According to on-chain analyst Adi, “Improper authorization and callback handling allowed the attacker to bypass safeguards. This enabled unauthorized swaps or balance manipulations across interconnected pools.” Adi added that Balancer’s composable design amplified the issue, allowing the hacker to drain assets rapidly.
Preliminary data from Lookonchain showed the attacker moved significant amounts of WETH, osETH, and wstETH. In total, about 6,587 WETH worth $24.46 million, 6,851 osETH worth $26.86 million, and 4,260 wstETH valued at $19.27 million were stolen. The on-chain portfolio linked to the Balancer exploiter is now valued at around $90.5 million, marking a 6.6% decline in 24 hours due to the broader market drop, according to data from Arkham.
StakeWise recovers stolen tokens
Amid the chaos, Ethereum staking protocol StakeWise announced that it successfully recovered a large portion of stolen osETH and osGNO tokens. “StakeWise DAO emergency multisig has executed a series of transactions, recovering ~5,041 osETH (~$19M) and 13,495 osGNO (~$1.7M),” the team wrote on X. The recovered funds, representing 73.5% of the stolen osETH, will be returned to affected users on a pro-rata basis.
The swift action by StakeWise slightly reduced market fears that large volumes of ETH might be dumped into circulation. Consequently, analysts believe the partial recovery could stabilize ETH’s short-term outlook. As of Tuesday, ETH was trading around $3,500, down 23% from Monday, as per CoinMarketCap.
Balancer’s struggles continue
According to data from DeFiLlama, the total funds locked in Balancer have dropped to about $355.68 million, a sharp fall from its $3 billion peak in 2021. This decline shows how much money has slowly left the platform after several security issues over time. Still, Balancer remains active, handling around $2.81 billion in trading volume over the past month and generating about $10.7 million in yearly revenue despite the setbacks.
Haseeb, a popular crypto commentator, noted how chains reacted differently to the hack. “Berachain had validators halt the network. Polygon validators censored hacker transactions. Sonic added functionality to freeze & zero out the hacker’s account,” he said. “Smaller ecosystems should prioritize safety and community protection over ‘code is law.’”
Audit gaps expose Balancer’s weakness
Security concerns have also arisen because Balancer has not experienced a major audit since 2022. It runs a bug bounty on Immunefi for up to 1,000 ETH for critical smart contract vulnerabilities, but excludes web interface issues. Previous audits by Certora, OpenZeppelin, and Trail of Bits are available online, but fixes are difficult to implement for immutable contracts on Balancer without redeployment.
In October 2022, it introduced the Balancer Certora Security Accelerator that would support projects with verification tools and $10,000 in credits. However, this recent exploit has again brought about demands for regular audits and more robust defenses as far as user funds are concerned.
Why this matters
The Balancer hack shows how fragile even the most established DeFi systems can be. These platforms connect many pools and tokens, which makes them powerful but also easier to break when something goes wrong. Even after audits and security reviews, flaws can slip through. Once exploited, hackers can shift stolen funds across several blockchains almost instantly, leaving teams with little time to react or recover what’s lost..
For Balancer, this breach marks a tough crossroads. The team now faces the challenge of proving it can learn from the failure and earn back user confidence. StakeWise’s recovery effort brings some relief, but trust in the protocol has clearly been shaken. Rebuilding that trust will depend on honest communication and stronger security, not quick fixes.
Also Read: Stream Fund Discloses $93M Loss, Temporarily Halts Operations
