Balancer DeFi Protocol Suffered $128M Hack and Recovered $19.3M After Hours

Balancer, the Decentralized Finance (DeFi) protocol that functions as an automated market maker (AMM) and a decentralized exchange (DEX) on the Ethereum blockchain, has recently suffered a network breach that ultimately led to a $128 million hack. According to the latest information, the hacker used a key Ethereum mainnet to execute a series of transactions. On Monday, November 3, 2025, DeFi protocol Balancer’s major network breach affected its V2 Composable Stable Pools, and the hackers exploited the network compromise, including flaws in authorization and callback handling within smart contracts, and capitalized on these flaws to execute unauthorized transactions. The hacker reportedly stole $128 million and laundered the money via Tornado Cash and swapped it for Ethereum.

Just hours after the hack, Balancer has recovered 5,041 osETH, reportedly worth around $19.3 million from the stolen $128 million, with the help of a liquid staking service called StakeWise. StakeWise reportedly recovered $19.3 million worth of stolen osETH tokens from the hacker by leveraging coordinated contract interactions. Blockchain experts claimed that the partial recovery of stolen funds brought down the remaining losses and helped users believe that the project is actively trying to mitigate the damage. Prominent crypto analyst EmberCN confirmed that the assets stolen by the hacker from Balancer had dropped from $117 million to $98 million. 

Adi, a market analyst, posted on X that the attack had targeted Balancer’s V2 vaults and liquidity pools, exploiting a vulnerability in smart contract interactions. He mentioned that preliminary analysis from on-chain investigators pointed to a maliciously deployed contract that had manipulated Vault calls during pool initialization. He added that the exploiter had initiated a series of transactions starting with a key Ethereum mainnet transaction (0xd155207261712c35fa3d472ed1e51bfcd816e616dd4f517fa5959836f5b48569), which had funneled assets to a new wallet under their control. He noted that funds had then been consolidated, likely for laundering via mixers or bridges.  

“The Recovered Funds Will Be Returned To the Users, Says StakeWise

StakeWise confirmed via X that the StakeWise DAO emergency multisig had executed a series of transactions, recovering approximately 5,041 osETH (around $19M) and 13,495 osGNO (approximately $1.7M) tokens from the Balancer exploiter. They stated that on the Ethereum mainnet, this represented 73.5% of the approximately 6,851 osETH that had been stolen earlier that day. They also confirmed that the recovered funds would be returned to those who were affected in the Balancer V2 exploit. The redistribution procedure will be based on their pre-exploit balances. 

Balancer has confirmed that all other Balancer pools are unaffected and claimed that the reported issue was isolated to V2 Composable Stable Pools and does not impact Balancer V3 or other Balancer pools. Previously mentioned Adi stated that there was no evidence of a private key compromise and confirmed that the hack was because of a pure smart contract exploit.  He also provided the roughly stolen assets details.   

• Ethereum: ~$70M+ drained (main hit)
• Base & Sonic: ~$7M combined
• Other chains: ~$2M+
• Main stolen assets: WETH, wstETH, osETH, frxETH, rsETH, rETH – roughly $110–116M total.

Balancer was hacked despite strong multiple audits, and this attack questions the effectiveness of audits and the efficiency of the decentralized and interconnected crypto world. Balancer was shielded with around a dozen audits till November and still got exposed. Investors are concerned, even though they know that the decentralized arena is risky and is exposed to hacks like these anytime. The Balancer team posted on X that they were committed to operational security, had undergone extensive auditing by top firms, and had bug bounties running for a long time to incentivize independent auditors. They stated that they were working closely with their security and legal teams to ensure user safety and were conducting a swift and thorough investigation. They also urged users to be aware of the fraudulent messages claiming to be from the Balancer Security Team and advised them not to interact with unsolicited communications.    

The post Balancer DeFi Protocol Suffered $128M Hack and Recovered $19.3M After Hours appeared first on BiteMyCoin.