The Balancer exploit in 2025 resulted in losses exceeding $116 million across multiple chains, targeting wrapped ETH and other assets through flawed smart contract interactions that allowed unauthorized token minting. This DeFi hack highlights ongoing vulnerabilities in established protocols despite recent quiet periods.
-
Balancer, a veteran DeFi protocol, suffered an exploit leading to $116M in losses within hours, affecting Ethereum L1 and Layer 2 chains like Arbitrum, Base, and Optimism.
-
The attack involved ongoing smart contract manipulations, including infinite approvals for assets like wstETH, enabling the hacker to drain vaults rapidly.
-
Post-exploit, a dormant whale withdrew $6.5M from Balancer, while the platform’s TVL stands at $678M, down significantly from its 2022 peak of $3.11B; BAL token value has declined over 99% since launch.
Discover the details of the 2025 Balancer exploit: $116M losses from DeFi vulnerabilities. Learn how it unfolded, impacts on wrapped ETH, and steps for user safety. Stay informed on crypto security—read now!
What is the Balancer Exploit and How Did It Unfold?
The Balancer exploit refers to a major security breach in the DeFi protocol Balancer that occurred in 2025, resulting in over $116 million in stolen assets primarily from wrapped ETH and other tokens across multiple blockchain networks. The attack began with unauthorized smart contract interactions allowing the minting of tokens and escalated quickly from initial estimates of $70 million in losses. Balancer, one of the oldest automated market makers in DeFi, saw its vaults drained on Ethereum’s Layer 1 and Layer 2 solutions including Arbitrum, Base, and Optimism, marking a significant event after months of relative calm in major protocol hacks.
How Did the Balancer Hack Target Multiple Chains?
The Balancer hack exploited vulnerabilities in the protocol’s smart contracts, particularly through functions that permitted infinite approvals for assets like wrapped staked ETH (wstETH). According to on-chain analysis from DeBank, the attacker’s wallet initiated calls to send unauthorized tokens from Balancer vaults, affecting primarily V2 pools which handle lower volumes compared to newer iterations. Data from security firms indicate that the hacker split stolen assets into new wallets shortly after the breach, holding multiple versions of wrapped ETH without immediate unwrapping or trading. This multi-chain approach amplified the damage, with initial losses pegged at $91 million on Ethereum L1 alone. Expert analysts note that such exploits often stem from legacy code flaws in established protocols, underscoring the need for continuous audits even in mature DeFi ecosystems. Ethereum’s price held steady at around $3,735 post-incident, but the event raised concerns about potential cascading effects if assets are laundered through other platforms.
Balancer, one of the oldest DeFi protocols, has been exploited on multiple chains. Within an hour, the estimated losses expanded from $70M to over $116M.
Balancer was the target of the most recent attack against DeFi, targeting wrapped ETH and other assets on multiple chains. The initial estimates were for losses of $70M, but the attack was ongoing, quickly reaching $116M.
The Balancer attack arrived after several relatively quiet months, when hackers selected more obscure protocols. Balancer may line up among the biggest DeFi hacks for 2025. Soon after the exploit, a whale dormant for over three years moved in to withdraw the entire stake from Balancer.
A whale 0x0090, dormant for 3 years, just woke up after the #Balancer exploit — rushing to withdraw all $6.5M from the #Balancer.
If you still have funds on #Balancer, ⚠️ take action and secure them now. pic.twitter.com/nnR5td0DmZ
— Lookonchain (@lookonchain) November 3, 2025
As DeFi protocols remain more popular for passive yield, they also become more attractive for hackers.
Balancer was exploited for $91M on the Ethereum L1 chain, though assets were also taken on Arbitrum, Base, and Optimism. Soon after the initial attack, the hacker started splitting the assets to new wallets.
Balancer exploited through ongoing smart contract interactions
The current Balancer hack may be due to a flawed smart contract, which allowed the attacker to mint unauthorized tokens. Some of the token interactions included functions like ‘approve infinite wstETH’.
Balancer vaults were attacked with calls to send unauthorized tokens. | Source: DeBank.The Balancer attack wallet was identified, currently holding multiple versions of wrapped ETH on several chains. The coins have not been unwrapped or traded. If the hacker decides to swap some of the assets, this may further exacerbate problems with other DeFi protocols, or crash the price of ETH.
Following the hack, ETH traded at $3,735.04. ETH remains a frequently attacked asset, due to the ease of swapping, trading, or mixing.
The Balancer exploit arrived just days after a smaller theft of $5.5M from the Garden Finance bridge. As Cryptopolitan reported, in the whole month of September, 20 thefts led to a total loss of $127M.
The broader context of DeFi security reveals a pattern: while Balancer’s total value locked (TVL) has declined to $678 million from a high of $3.11 billion in 2022, its role in liquidity provision for wrapped assets makes it a persistent target. Security experts from firms like PeckShield and Certik emphasize that infinite approval mechanisms, if not properly gated, create exploitable entry points for attackers. In this case, the breach’s scale—surpassing many 2025 incidents—prompts questions about the protocol’s audit history and response protocols. Balancer’s team has a track record of recoveries in past events, but the multi-chain nature complicates immediate mitigation.
Frequently Asked Questions
What Caused the Balancer Exploit in 2025 and Which Assets Were Targeted?
The Balancer exploit stemmed from vulnerabilities in smart contracts allowing unauthorized token minting and infinite approvals, primarily targeting wrapped ETH like wstETH across Ethereum L1, Arbitrum, Base, and Optimism. Losses reached $116 million, with V2 pools bearing the brunt due to their handling of these assets in liquidity provision.
Is Balancer V3 Safe After the Recent Hack?
Yes, according to Balancer’s official statement on Discord, the exploit primarily affected V2 pools, leaving V3 unaffected so far. However, users should monitor official updates and withdraw funds if concerned, as ongoing investigations with security experts continue to assess any potential risks to the entire ecosystem.
Balancer V2 pools were affected
Following the attack, Balancer reacted on Discord, stating that mostly V2 pools were affected. Balancer V2 carries relatively limited volumes, though the DEX reported an anomaly of $26B traded in the past 24 hours, based on CoinGecko data. Balancer announced it is working with security experts on the next step.
According to the exchange team, V3 remains unaffected, though there are conflicting data that the hacker attempted to break multiple vaults. Currently, V2 is still leading in terms of volumes, though V3 attempts to become the main trading venue with growing stablecoin activity.
Balancer activity has remained relatively low compared to newer DEXs and DeFi platforms. The chain locked in $678M, down from a peak $3.11B in 2022. The platform attempted to renew its influence during the latest bull cycle.
The hack hardly affected the BAL native token, which is traded on low volumes and has lost over 99% of its value since launch.
DeFi’s evolution continues to balance innovation with risk, as seen in this incident. Balancer’s response involves collaboration with leading blockchain security auditors to patch vulnerabilities and enhance multi-chain safeguards. Historical data from sources like DefiLlama shows that while exploits like this erode trust, they also drive improvements—Balancer’s TVL recovery post-2022 bear market exemplifies resilience. Investors and users alike benefit from heightened awareness, prompting wider adoption of hardware wallets and multi-signature setups for asset protection.
Key Takeaways
- Multi-Chain Vulnerabilities Exposed: The Balancer exploit demonstrated how attacks can span Ethereum L1 and L2 networks, emphasizing the need for protocol-wide security audits.
- Smart Contract Flaws Persist: Infinite approval functions remain a common entry point for hackers, with wrapped ETH as a prime target due to its liquidity and interoperability.
- Swift User Action Recommended: Following the hack, dormant whales withdrew funds promptly—users should secure assets immediately and follow official protocol updates for recovery details.
Conclusion
The 2025 Balancer exploit, with its staggering $116 million in losses from smart contract manipulations targeting Balancer hack elements across chains, serves as a stark reminder of DeFi’s inherent risks amid growing adoption. While V2 pools absorbed the primary damage and V3 remained secure, the incident underscores the importance of robust auditing and user vigilance in the Balancer exploit landscape. As the protocol collaborates with security experts for remediation, the DeFi community looks toward enhanced protections to foster sustainable growth and investor confidence in the coming months.
