Experts are debating whether the latest hack shakes confidence in DeFi or is just part of the inherent risks as investors chase higher yields.
Veteran decentralized exchange (DEX) Balancer v2 suffered a massive hack on Monday, losing more than $128 million and raising questions about whether users can trust even long-established and audited decentralized finance (DeFi) platforms.
According to PecShield, on-chain data showed approximately $128 million in digital assets sent to the hacker’s wallet across multiple blockchains, including 6,587 WETH (approximately $24.5 million), 6,851 osETH (approximately $26.9 million), and 4,260 wstETH (approximately $19.3 million). This is Balancer’s biggest hack yet.
This loss affected several networks including Ethereum, Polygon, Base, Arbitrum, Optimism, Sonic, and Verachain. According to CoinGecko, Balancer’s native token, BAL, fell 11.1% to $0.87. Meanwhile, the protocol’s total value locked (TVL) decreased from $776 million to $406 million in the past 24 hours, according to DeFiLlama.
Expert opinions are divided
Monday’s Balancer exploit highlights how even established DeFi platforms remain vulnerable to attack, but experts are divided on whether the breach has hurt overall trust in DeFi.
Circuit founder and CEO Harry Donnelly said the Balancer breach was a “serious warning” to the DeFi ecosystem, noting that the company is “one of the most trusted names in the space” and “an early pioneer with a culture of compliance backed by rigorous auditing and open disclosure.”
At the same time, he warned that the transparency that has contributed to Balancer’s success is also at risk of abuse. “If DeFi wants to truly challenge traditional finance, it must stay ahead of bad actors through proactive resilience and response, not just reactive patching and freezing funds,” Donnelly said.
However, other industry experts emphasized that DeFi investing comes with risks and that confidence is likely to remain the same.
“Smart contracts and financial engineering are part of the risk profile of investing in DeFi. This is why auditing smart contracts is important,” said Vladislav Ginzburg, Founder and CEO of OneSource. “I don’t think the Balancer exploit represents a new paradigm. Therefore, the trust and risk factors should not change. The status quo will remain.”
Kadan Stadelmann, CTO of Komodo Platform, echoed similar sentiments, arguing that avid DeFi users will not be deterred, but institutional investors may be. “These types of hacks in DeFi are what lead institutional and alternative asset investors to Bitcoin-only strategies,” he said.
Audits have ‘little meaning’
The incident also raised questions on social media about the reliability of audits in DeFi. Blockchain researcher Suhail Kakar shared in a post on X that Balancer v2 has been audited over 10 times but is still being exploited.
Specifically, Balancer v2 underwent multiple security audits from 2021 to 2023 by companies such as Certora, OpenZeppelin, and Trail of Bits.
“We have to accept that ‘audit by X’ means little in this space,” Kakar says. “Code is hard and DeFi is even harder. It’s disappointing, but I hope the team recovers.”
rapid intervention
Analysts said the hack was due to a flaw in Balancer v2’s smart contract that allowed fraudulent withdrawals.
Nansen research analyst Nikolai Sondergaard said in a comment published in The Defiant that the attackers may have “fabricated a large amount of fees and deposited them into the balancer’s fee account, then hit the withdrawal button to cash out the WETH, essentially turning fake credits into real money.”
This is the third known security breach by Balancer, following incidents in 2021 and 2023. The exploit also caused Berachain, which has a TVL of $404 million, to temporarily suspend its blockchain and perform an emergency hard fork to protect funds.
VeraChain said it is closely monitoring the situation and “once all affected funds have been recovered, the network will be operational shortly.” Verachain’s BERA token fell 10% to $1.62 following the incident.
Meanwhile, other networks reacted differently. The Polygon validator reportedly froze the hacker’s transactions, while Sonic added the ability to freeze the attacker’s S balance to zero, one of Dragonfly Capital’s managing partners noted in X.
balancer reaction
Balancer acknowledged the incident in two posts on X, noting that its engineering and security teams are investigating. “We will share verified updates and next steps as more information becomes available,” the team wrote.
The team has confirmed that this exploit only affects v2 composable stable pools and does not affect Balancer v3 or other pools.
They further explained that some pools have been running on-chain for several years, so “many were outside of the moratorium period.” However, it added that “all pools that may have been suspended have been suspended and are now in recovery mode.”
The team also warned of fake messages circulating following the hack and asked users to rely only on official communications via Balancer’s X account and Discord server.
The Defiant reached out to Balancer for comment, but had not yet received a response at the time of publication.