Ethereum Updates: Balancer's $116 Million Breach Exposes DeFi Security Vulnerabilities

The decentralized finance (DeFi) platform

has acknowledged a significant security incident, resulting in losses surpassing $116 million across several blockchain ecosystems, such as , , Base, and Optimism, as detailed in . This attack, which exploited weaknesses in the protocol’s smart contracts, has intensified concerns about DeFi security, especially for platforms handling substantial liquidity pools.

The exploit took advantage of a vulnerability in Balancer’s v2 pools, enabling unauthorized asset withdrawals through infinite approval mechanisms for tokens like wrapped staked ETH (wstETH). Blockchain data,

, showed that the attacker siphoned 6,587 WETH, 6,851 osETH, and 4,260 wstETH—amounting to roughly $116.6 million as of November 3, 2025. The theft occurred swiftly, with the stolen funds rapidly moved to new wallets, sparking concerns about possible laundering through decentralized mixers or cross-chain bridges, as .

Balancer’s technical and security teams have verified the breach, advising users to steer clear of compromised pools and assuring that v3 pools remain unaffected, according to

. The protocol’s total value locked (TVL) has since fallen to $678 million, a steep drop from its 2022 high of $3.11 billion. In addition, Balancer’s native BAL token declined by more than 5% after the incident, deepening investor unease.

The cross-chain aspect of the exploit worsened the impact, with further losses reported on forked protocols such as Beets Finance and

. For instance, and Polygon networks experienced outflows of $3.4 million and $117,000, respectively, according to . Security organizations like PeckShield and Certik have pointed out that such exploits often originate from outdated code, highlighting the necessity for ongoing security reviews even in established DeFi projects.

In response, Balancer is working with blockchain security professionals to address the vulnerabilities and strengthen protections. The team has indicated that users impacted by the hack might qualify for compensation, although a formal recovery strategy has yet to be announced. This event marks the third major security compromise for Balancer in the past five years, following previous incidents referenced in

.

The wider DeFi sector has responded with increased vigilance. Experts caution that this breach exposes fundamental risks in liquidity protocols, especially those that depend on interconnected pools and composability. With the global DeFi TVL exceeding $75 billion, specialists emphasize the critical role of secure multi-signature arrangements and hardware wallets to reduce future threats.