Balancer V2 Hack Overview
The recent exploit of the Balancer V2 DeFi protocol is a significant blow to the decentralized finance community. A smart contract vulnerability led to the loss of over $110 million in assets. This analysis covers the specifics of the hack: the assets affected, the reactions from key industry players, and the steps users can take to protect themselves.
Loss Specifics
As of this writing, the funds stolen from Balancer have surpassed $116 million. The primary assets stolen include WETH, wstETH, osETH, frxETH, rsETH, and rETH. These assets were distributed across several blockchains, including:
 - Ethereum: Approximately $100 million
 - Arbitrum: Approximately $8 million
 - Base: Approximately $3.95 million
 - Sonic: Over $3.4 million
 - Optimism: Approximately $1.57 million
 - Polygon: Approximately $230,000
 
Cause of the Exploit
Initial investigations suggest the attack targeted Balancer's V2 Vault and liquidity pools by exploiting a vulnerability in how the smart contracts interact. A maliciously deployed contract was able to manipulate Vault calls during liquidity pool initialization. Improper handling of authorizations and callbacks let the attackers bypass protection measures, leading to unauthorized swaps or balance manipulation between interconnected liquidity pools. Current information indicates this was a pure smart contract exploit, with no evidence of private key compromise.
Balancer and Community Response
The Balancer team has officially acknowledged the potential vulnerability affecting Balancer v2 pools, and its engineering and security teams are prioritizing an investigation. Berachain, which is potentially affected, also responded swiftly by proactively pausing operation of its public chain to prevent further impact on BEX (primarily the USDe tri-pool).
What Users Should Do
Balancer users should take the following actions to protect themselves:
 - Withdraw funds from Balancer v2 pools to minimize potential losses.
 - Revoke smart contract permissions granted to the Balancer address, using tools like Revoke, DeBank, or Etherscan.
 - Closely monitor the attackers' future actions and their potential consequences for other DeFi protocols.
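
What the revocation step above does on-chain, as an added example that is not part of the original article: an ERC-20 approval is read with allowance(owner, spender) and cleared by calling approve(spender, 0). All addresses and RPC results are constructed placeholders, and SPENDER stands in for the Balancer address, which the article does not give.

```python
# Added example (not from the article): inspect and revoke ERC-20 allowances offline.
# All addresses and eth_call results below are constructed placeholders.
ALLOWANCE = "dd62ed3e"  # selector of allowance(address,address)
APPROVE = "095ea7b3"    # selector of approve(address,uint256)

def addr_word(addr):
    """Left-pad a 20-byte hex address to one 32-byte ABI word."""
    h = addr[2:] if addr[:2].lower() == "0x" else addr
    if len(h) != 40 or len(bytes.fromhex(h)) != 20:  # fromhex rejects non-hex
        raise ValueError("address must be 20 hex bytes: %r" % addr)
    return h.lower().rjust(64, "0")

def allowance_request(token, owner, spender, req_id=1):
    """JSON-RPC eth_call body that reads token.allowance(owner, spender)."""
    data = "0x" + ALLOWANCE + addr_word(owner) + addr_word(spender)
    return {"jsonrpc": "2.0", "id": req_id, "method": "eth_call",
            "params": [{"to": token, "data": data}, "latest"]}

def decode_allowance(result_hex):
    """eth_call returns one uint256 word; an empty result is treated as 0."""
    return int(result_hex, 16) if len(result_hex) > 2 else 0

def revoke_tx(token, owner, spender):
    """Unsigned transaction calling token.approve(spender, 0); the wallet signs it."""
    data = "0x" + APPROVE + addr_word(spender) + "0" * 64
    return {"from": owner, "to": token, "data": data, "value": "0x0"}

def pending_revocations(owner, spender, results):
    """results maps token address -> eth_call result; keep only live allowances."""
    out = []
    for token, result_hex in sorted(results.items()):
        amount = decode_allowance(result_hex)
        if amount > 0:
            out.append((token, amount, revoke_tx(token, owner, spender)))
    return out

OWNER = "0x" + "aa" * 20    # constructed wallet address
SPENDER = "0x" + "bb" * 20  # placeholder for the Balancer address to be revoked
SAMPLE_RESULTS = {          # constructed eth_call results, keyed by token address
    "0x" + "11" * 20: "0x" + "f" * 64,          # unlimited approval
    "0x" + "22" * 20: "0x" + "0" * 64,          # already zero, nothing to revoke
    "0x" + "33" * 20: "0x" + "0" * 61 + "3e8",  # 1000 base units still approved
}

if __name__ == "__main__":
    for token, amount, tx in pending_revocations(OWNER, SPENDER, SAMPLE_RESULTS):
        print(token, hex(amount), tx["data"])
```

An approval is set per token and per chain, so the same check has to be repeated for each token on each network where the wallet was used.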
 
Next Steps
Odaily Planet Daily is monitoring Balancer's efforts to pinpoint the precise contract vulnerability and the possibility of recovering the stolen assets or providing alternative solutions. Updates will be provided in a timely manner as the situation evolves.