Balancer, which is a fixed financial protocol (defi) focused on the operation of the automated market (AMM), was exploited early Monday during an attack that may have led to $ 120 million or more in losses for its users.
Specific details of how the attack was carried out are unclear at this time. According to the first analysis published in the Blocksec Palcon X accountthe exploit was “very sophisticated” and built a number of manipulations within the protocol that allowed the attacker to take advantage. On the other hand, Cyvers CEO DEDDY LAVID I said Bloomberg An attacker may be able to manipulate the measurements directly by exploiting the control mechanisms of the protocol.
We know that there may be pools of influence of the balancer V2.
Our engineering and security teams are seriously investigating.
We will share confirmed updates and next steps as soon as we have more details.
– Balancer (@cabalancer) November 3, 2025
Latest update from Balancer showing They are currently working with leading security researchers to better understand what happened and will eventually provide a full post-shotem report. In addition to Balancer, other projects that were based on infections of those special Defi Protoctol’s Smart contracts are also affected.
While hacks and thefts in the world of defi and crypto in general are not common, attacks with commercial attacks are especially worrying because of the high level of trust due to trust. Balancer has been around since 2020, and has received many audits from the most trusted Firms over the years, including the likes of Openzeppelin and Call Track. These are relatives of firms that have given their stamp of approval to other reputable and reliable protocols.
Notably, the exploit happened on Balancer V2, which was launched in 2021 and was supposed to be considered better updated and more reliable than the latest launch of Balancer V3 due to its presence in the field for a long time.
Edereum engineer Leftenis Karapetsas commented on X That the top takeaway from this event isn’t an actual steal, but rather a drop in confidence in the defi that will go along with it. “The protocol is alive as of 2020, researched and widely used, it still suffers from the imminent loss of TVL,” wrote karapetsas. “That’s a red flag for anyone who thinks Defi is ‘tough.’ No large amount of money has been allocated to fragile projects. “
Hasi, who is LIDO’s strategic advisor and lead strategy at flashbots, shares similar sentiments, to put“Balancer V2 is launched in 2021 and it’s one of the most interesting and trending contracts. Every time the old development contract goes back 6 to 12 months.”
Not surprising, but the balancer exploit is the status of the night.
Balancer is a defi og that works since 2020, among the top three battle-tested dapps, and exploits take place in balancer v2 vaults (tested by many top firms that also test most of defi).
It’s not good. pic.twitter.com/sbgaou9pqg
– JFab.th (@josefabregab) November 3, 2025
At least one blockchain, Berachain, has been temporarily shut down in response to the attack. In fact, the Berachain network will face a hard fork in an attempt to reverse the effects of this exploit on its chain, According to Berachain X Account. This reminds us of the situation from two weeks ago, there Lack of real restructuring in Crypto exposed for a mature moment at Amazon Web Services (AWS).
According to Coinbase director Concor Groganthe Balancer Exploiter sponsored an attack in conjunction with the operation of Tornado Cash, which is a mixing protocol in Emeremu that aims to separate money from purchase history.
Unless the exversoiter transfers the money to stablecoins, which are easily regulated and highly dependent on the blacklist, or crypto-currency to a centralized exchange, the return of the money can be difficult. That said, there have been previous cases there Defi Protocol backers partially refunded or The protocol itself was viewed as a bailout. At this time, it is simply too early to tell what will happen in this particular incident.
At the moment, the consequences of this latest exploit in the crypto world can include doubting whether defi protocols can be trusted and are worth the cost of good calculations, especially when it comes to Financial transactions involving tokens issued by shadow companies are however.
