Balancer Suffers $116 Million Exploit in V2 Stable Pools
DeFi protocol Balancer confirmed an exploit on November 3, 2025, that drained over $116 million from its V2 Composable Stable Pools. The attack happened around 7:48 AM UTC, impacting only this older version launched in 2021. Balancer has paused all vulnerable pools and placed them in recovery mode. Balancer V3 and other pools were not affected.
Blockchain investigators and security analysts quickly identified the breach. Lookonchain estimated the stolen funds at $116.6 million, spread across Ethereum, Polygon, and Base networks. OnchainLens reported that the attacker had started moving the stolen assets, raising concerns about potential laundering through other DeFi platforms.
Code Flaw Exploited Across Multiple Networks
Initial analysis points to a flaw in Balancer V2’s “manageUserBalance” function. This function determines which addresses can initiate fund transfers during contract execution. Developer Suhail Kakar explained that the function misidentified the message sender, allowing attackers to move funds without proper authorization.
The vulnerability resided in Balancer’s shared vault system. It enabled the exploiter to drain tokens across several blockchains. The stolen assets include 6,850 osETH, 6,590 WETH, and 4,260 wstETH. Security firm Cyvers described the incident as “suspicious” early on November 3.
Balancer Offers 20% Bounty and Fallout Expands
Balancer sent an on-chain message to the attacker offering a 20% white-hat bounty for returning the remaining funds. The offer is valid for 48 hours unless extended. The breach has caused losses beyond Balancer. Beets Finance, which uses Balancer’s infrastructure, reported over $3 million lost and roughly $60 million still at risk.
Balancer managed about $700 million in total value locked (TVL) before the exploit, according to DefiLlama. This makes the incident one of the largest DeFi hacks of 2025. It follows the recent release of Balancer V3, a more secure upgrade.
The protocol also faced a website hijack earlier this year, during which hackers stole $238,000 by mimicking the official frontend. Balancer warned users to only trust updates from its verified accounts on X and Discord.
As Balancer collaborates with auditors and law enforcement, the community remains concerned about security. The exploit highlights ongoing challenges in DeFi’s promise of a truly “trustless” financial system. Experts call for stronger recovery tools and unified security standards to protect users’ funds.