
Balancer Exploit Drains $120M in Major DeFi Security Breach


Key Takeaways

  • The Balancer exploit resulted in over $120 million stolen from V2 Composable Stable Pools.
  • Attackers targeted staked Ethereum assets, including WETH, osETH, and wstETH.
  • The breach occurred despite 11 previous security audits by leading firms.

Sophisticated Attack Targets Liquidity Pools

In one of 2025’s largest decentralized finance (DeFi) security incidents, a major Balancer exploit has drained approximately $120 million from the protocol’s V2 Composable Stable Pools. The attack began early on Monday and involved liquidity pools consisting of wrapped Ethereum assets. Blockchain analytics company Lookonchain reported that the theft consisted of 7,838 WETH ($29 million), 6,341 osETH ($24.8 million), and 4,260 uniETH ($67.8 million).

Balancer Exploit Drains $120M in Major DeFi Security Breach: The decentralized exchange suffered one of 2025's largest hacks, targeting V2 Composable Stable Pools despite multiple security audits.
Balancer exploit. (Source: X)

The Balancer exploit is a notable setback for the prominent decentralized trading platform, which had undergone extensive security audits and reviews by some of the most reputable firms in the space, such as OpenZeppelin and Trail of Bits.

The Balancer team posts updates on the exploit. (Source: X)


Immediate Response and Partial Recovery

Following the Balancer exploit, the team behind the protocol immediately halted vulnerable pools and initiated recovery efforts. In a notable development, StakeWise DAO’s emergency multisig successfully recovered approximately $20.7 million in stolen assets, representing 73.5% of the osETH taken from their protocol. 

The StakeWise DAO team posted on the partial recovery of the stolen funds. (Source: X)

So far, the Balancer exploit has specifically impacted pools that had exceeded their pause window, leaving them temporarily unprotected against the complex attack vector, which took advantage of a broken access check in the smart contract code.

Hackers exploited the smart contract code, performing a batchSwap function, causing a price distortion. (Source: GoPlus Security) 
Balancer exploit: Update from Lookonchain on the stolen funds. (Source: X)


Audit Effectiveness Questioned

The magnitude of the Balancer exploit raises serious questions about the effectiveness of traditional security audits in DeFi. The protocol underwent 11 separate audits between 2021 and 2022 by four separate security firms, yet the vulnerability was still exploited.

Balancer has offered a 20% white hat bounty for the return of the remaining funds and is working with blockchain forensics experts to trace the stolen assets. The incident demonstrates the continued challenges of protecting complex DeFi protocols from determined attackers.


FAQs

Which pools were affected by the Balancer exploit?

The attack specifically targeted V2 Composable Stable Pools containing staked Ethereum assets. Balancer V3 pools and other pool types remained unaffected, according to the team’s official statement.

Have any of the stolen funds been recovered?

Yes, StakeWise DAO successfully recovered around $20.7 million in osETH and osGNO tokens through emergency multisig actions, representing a significant portion of the assets stolen from their protocol.

What should Balancer users do now?

Users should monitor official Balancer communications on X and Discord, withdraw liquidity from affected V2 pools if possible, and beware of fraudulent messages claiming to be from the Balancer security team offering recovery services. 




A Web3 Journalist at TimesCrypto with a knack for turning complex ideas into engaging stories. With a solid Tech background, Alan has led teams to create and refine impactful projects across industries, working in firms such as IBM, Cisco Systems, and Telecom. He’s passionate about Blockchain, Finance, Science, bringing a unique blend of technical expertise and creative flair to every piece he writes. When he’s not crafting content, you’ll find him diving deep into research or just having some fun!
