The Balancer exploit in 2025 resulted in approximately $128 million stolen from liquidity pools across Ethereum, Arbitrum, and Base. A precision error in Balancer V2 allowed attackers to undervalue pool tokens, enabling asset swaps for profit. Berachain halted its network and plans a hard fork to recover funds.
-
Exploit Details: A rounding error in Balancer V2 Composable Stable Pools was exploited through targeted swaps in a single transaction.
-
Impacted Chains: Ethereum, Arbitrum, Base, and forks like Berachain’s decentralized exchange faced vulnerabilities.
-
Loss Estimates: Security firms Cyvers and PeckShield report $128 million in total thefts, with Berachain losing $12.86 million; Nansen estimates around $100 million adjusted for market dips.
Discover the Balancer exploit 2025 details: $128M stolen from crypto pools amid precision flaws. Learn impacts on Berachain and recovery steps. Stay informed on DeFi security risks today.
What Is the Balancer Exploit in 2025?
The Balancer exploit in 2025 refers to a significant security breach targeting the Balancer V2 Composable Stable Pools, where an attacker exploited a precision or rounding error to steal digital assets valued at about $128 million. This incident affected liquidity pools on multiple blockchains, including Ethereum, Arbitrum, and Base, by undervaluing Balancer Pool Tokens through strategic swaps in one transaction. As a direct consequence, the emerging Berachain network paused operations and initiated a hard fork to mitigate further losses and restore user funds.
How Did the Attack on Berachain Unfold?
The attack on Berachain stemmed from its native decentralized exchange being built on the vulnerable Balancer V2 codebase, leading to an estimated $12.86 million in stolen assets. Validators coordinated to halt the blockchain around 7:48 AM UTC on November 3, 2025, to prevent additional exploitation while preparing an emergency hard fork. This rollback addresses non-native assets affected, ensuring liquidity providers’ safety, though it raises debates on blockchain immutability similar to past events like the 2016 DAO hack.
Security firm Cyvers noted that the halt was necessary due to the exploit’s broad impact beyond just Berachain’s BERA token. The Berachain Foundation explained that the process involves more complexity than a standard fork, given the multi-asset involvement. Founder Smokey the Bera emphasized user protection, stating, “Users and LPs on the network are always our priority and when approximately $12 million of user funds are at risk from a malicious attacker, we attempted to coordinate the validator set to protect those users.” This approach prioritizes fund recovery over strict immutability principles.
Post-halt, the network aims to resume operations quickly, with Berachain’s token experiencing a nearly 10% drop to a $211 million market capitalization, per CoinGecko data. Such incidents underscore the interconnected risks in DeFi ecosystems, where shared codebases can propagate vulnerabilities across chains.
Frequently Asked Questions
What Caused the $128 Million Theft in the Balancer Exploit?
The theft resulted from a tiny precision error in Balancer V2 liquidity pools, exploited via multiple swaps in a single transaction that depressed the Balancer Pool Token value. Attackers minted or swapped into these undervalued tokens, then converted them to underlying assets like ETH, netting the difference. On-chain analytics from Nansen confirmed this mechanism isolated to V2 Composable Stable Pools, sparing V3 versions.
Why Did Berachain Halt Its Blockchain After the Exploit?
Berachain halted its chain to address Balancer V2 exploits impacting its decentralized exchange, which uses the same vulnerable code. This protective measure, coordinated by validators, allows for an emergency hard fork to rollback transactions and safeguard $12.86 million in user funds. The foundation assures quick resumption, balancing security with network continuity in plain, actionable terms.
Key Takeaways
- Precision Vulnerabilities in DeFi: Rounding errors in liquidity pool designs can lead to massive exploits, highlighting the need for rigorous code audits in automated market makers.
- Cross-Chain Risks: Shared codebases like Balancer V2 amplify threats across Ethereum, Arbitrum, Base, and forks such as Berachain’s BEX, affecting diverse protocols.
- Response Strategies: Halting networks and hard forks, while controversial, prioritize user fund recovery—monitor Balancer’s postmortem for enhanced stable pool security.
Conclusion
The Balancer exploit in 2025 exposed critical flaws in DeFi liquidity pools, resulting in $128 million stolen and prompting Berachain’s blockchain halt for a hard fork recovery. Insights from experts at Nansen and Cyvers reveal how precision errors enable rapid asset drains, urging protocols to fortify V2 implementations. As the ecosystem evolves, ongoing collaboration with security researchers will bolster resilience, encouraging investors to evaluate risks before engaging with composable stable pools—stay vigilant for upcoming postmortems and fortified defenses.
