This attack exploited a smart contract interaction vulnerability. This allowed attackers to manipulate pool operations and drain funds within minutes.
Preliminary analysis by on-chain researchers indicates that a maliciously deployed contract abused the vault’s initialization process and bypassed security measures intended to prevent unauthorized swaps and balance manipulation. Although full forensic reports from auditing firms such as PeckShield and Nansen have not yet been submitted, early data indicates that approximately $110 million to $116 million in Ethereum and other assets were stolen.
How did attacks with Balancer work?
This breach leveraged Balancer’s composable design, where pools interact extensively, amplifying the vulnerability. Improper authentication and callback handling allowed the attacker to execute a series of high-speed transactions starting with the primary Ethereum mainnet transaction. The funds were then collected into a new wallet, possibly washed through a mixer or cross-chain bridge.
Here’s what you need to know about balancer hacks.
1. This attack targeted Balancer’s V2 vault and liquidity pool and exploited a smart contract interaction vulnerability. Preliminary analysis by on-chain researchers points to contracts that were introduced maliciously. pic.twitter.com/udAM4hB0OD
β Adi (@AdiFlips) November 3, 2025
The primarily stolen assets included WETH, wstETH, osETH, frxETH, rsETH, and rETH, with the majority of the losses, approximately $70 million, coming from Ethereum. Additional losses on the Base and Sonic networks totaled $7 million, with other chains accounting for more than $2 million. This type of exploit highlights the risk of recurrence in AMM and DeFi platforms, especially with deflationary tokens and complex pool rebalancing.
This is completely insane. The total amount of funds stolen by the Balancer exploit has now jumped to $116.6 million. π pic.twitter.com/yZIC6H9NB3
β Lookonchain (@lookonchain) November 3, 2025
Investors exposed to Balancer V2 pools should act quickly. Withdraw funds immediately if possible and avoid affected pools. Use tools like Revoke, DeBank, and Etherscan to cancel the authorization of smart contracts linked to Balancer addresses and prevent further fraudulent operations. Monitoring your wallet via Etherscan or Dune Analytics allows you to detect suspicious activity in real time. It’s important to stay informed. Follow updates from PeckShieldAlert, lookonchain, and Balancer’s official channels to track recovery efforts and forensic discoveries.
Balancer hack details
Balancer had been audited more than 10 times, and its V2 vault was inspected on three separate occasions by different companies, but it was still the victim of a $110 million hack. This incident highlighted the harsh reality of decentralized finance. βAudit by Xβ comes with little guarantee.
Balancer has passed over 10 audits. The safe was audited three times by different companies.
$110 million still hacked
We have to accept that “audited by X” means little in this area. Code is difficult, defi is difficult
It’s unfortunate but I hope the team recovers. pic.twitter.com/nZzVzCdqDO
β Suhail Kakar (@SuhailKakar) November 3, 2025
Writing secure code is hard, but building composable DeFi systems is even harder. While disappointing for users and the protocol, there is hope that the Balancer team will bounce back from this setback and learn from it, highlighting the importance of vigilance and continuous improvement in the rapidly evolving DeFi space.
Disclaimer
The information provided by Altcoin Buzz does not constitute financial advice. It is for educational, entertainment, and informational purposes only. All opinions and strategies shared are those of the writer/reviewer, and their risk tolerance may differ from yours. We do not accept any responsibility for any losses you may incur as a result of investments related to the information provided. Bitcoin and other cryptocurrencies are high-risk assets. Therefore, please conduct thorough due diligence. Copyright Altcoin Buzz Pte Ltd.
The post Balancer hack exposes $116 million smart contract vulnerability appeared first on Altcoin Buzz.