Balancer’s V2 vaults were picked clean for roughly $70.6m on Ethereum and (via forks and clones) roughly $116m across chains (figures under verification). The incident underscores how migration inertia and latent code paths can magnify residual risk. It is a reminder that upgrades don’t absolve you from the liabilities of legacy code.

Early on 3rd November, the DeFi protocol Balancer suffered a surgical exploit that extracted about US$70.6 million in Ethereum-based assets from its V2 vaults and moved them to a fresh address: 0xaa760d53541d8390074c61defeaba314675b8e3f. The hacker targeted liquidity providers who trusted that “audited” and “upgraded” were synonyms for “safe.” They were not. Forks of Balancer on Base, Polygon, Sonic, Arbitrum, Optimism and Berachain saw related drains, bringing aggregate losses to roughly US$116 million.
Anatomy of the hack
The exploit stemmed from a rounding error in the upscale function affecting EXACT_OUT swaps in Balancer’s Composable Stable Pools. By combining BatchSwaps, deferred settlement, and flash-loan flows, the attacker manipulated internal Vault accounting to withdraw assets beyond intended limits. Many of the drained tokens remained as internal balances before later withdrawals.


What was taken, and how
On-chain tracking shows the major items siphoned included several thousand osETH, multiple thousands of WETH and significant amounts of wrapped staked ETH variants. Those assets were routed through the new address and then into consolidators that suggest an intent to bridge or mix the proceeds. The initial $70.6m figure applies to Ethereum mainnet; similar logic compromised Balancer forks elsewhere, which is why the overall tally inches closer to $100m.
Auditors test edges; attackers exploit assumption gaps and outdated integrations. The Balancer hack was exactly that.
Why V2 stayed vulnerable
Balancer V2’s Composable Stable design allowed batch swaps with deferred settlement, where LP tokens are treated like regular assets. That architecture introduced an edge case in the rounding logic, a risk V3 eliminates with stricter isolation. Migration friction left substantial capital on older V2 contracts, and audits of past versions did not capture the exploit scenario now exposed.
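As an added illustration of the rounding point made above (this is not Balancer's code, and it does not reproduce the exact faulty path), the toy pool below shows why the rounding direction inside an upscale step matters on an EXACT_OUT swap, together with the property check a reviewer could run to catch a path that rounds toward the trader. It assumes a simplified constant-product pool instead of the stable-swap invariant, and the 1.1 token rate used in the check is a constructed value.

```python
from fractions import Fraction

ONE = 10**18  # 18-decimal fixed point, the convention in Balancer-style pool math


def mul_down(a: int, b: int) -> int:
    """Fixed-point multiply rounding toward zero."""
    return a * b // ONE


def mul_up(a: int, b: int) -> int:
    """Fixed-point multiply rounding away from zero."""
    prod = a * b
    return 0 if prod == 0 else (prod - 1) // ONE + 1


def upscale(amount: int, scaling_factor: int, round_up: bool) -> int:
    """Convert a raw token amount to the pool's internal 18-decimal units.
    scaling_factor folds in the token's decimals and its rate (e.g. a staked-ETH
    token worth 1.1 ETH); a non-integer rate makes the result inexact, so the
    rounding direction decides who keeps the dust."""
    return mul_up(amount, scaling_factor) if round_up else mul_down(amount, scaling_factor)


def exact_out_quote(balance_in: int, balance_out: int, amount_out_raw: int,
                    scaling_out: int, round_up: bool):
    """Toy constant-product pool (x*y=k, NOT the stable-swap invariant): the trader
    names the exact raw amount to receive. Returns (amount_in, recorded_out_scaled)."""
    out_scaled = upscale(amount_out_raw, scaling_out, round_up)
    den = balance_out - out_scaled
    amount_in = -(-(balance_in * out_scaled) // den)  # ceiling: charge rounds toward pool
    return amount_in, out_scaled


def accounting_drift(amount_out_raw: int, scaling_out: int, round_up: bool) -> Fraction:
    """Positive means the pool *thinks* it paid out less than it really transferred."""
    true_out = Fraction(amount_out_raw * scaling_out, ONE)
    _, recorded = exact_out_quote(1_000 * ONE, 1_000 * ONE, amount_out_raw, scaling_out, round_up)
    return true_out - recorded


def count_favourable_roundings(scaling_out: int, round_up: bool, trials: int = 1000) -> int:
    """Property check a reviewer can run: how many EXACT_OUT requests leave the pool
    over-stating what it still holds. A correctly rounded path must return 0."""
    return sum(1 for raw in range(1, trials + 1)
               if accounting_drift(raw * 10**15 + raw, scaling_out, round_up) > 0)
```

Each individual drift is sub-wei in scaled units, which is exactly why a single-swap audit test passes while a batch of many swaps with deferred settlement can accumulate it.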
Mitigation and Recoveries
Hypernative’s automated pause triggered within minutes, halting CSPv6 pools and disabling new pool creation. Balancer invoked its SEAL Safe Harbor framework for whitehat coordination, enabling partners to freeze or reclaim assets. StakeWise recovered ~5,041 osETH (~$19m) and 13,495 osGNO (~$1.7–2m). Additional recoveries came via BitFinding, Base MEV bots, and Sonic Labs. Berachain validators executed an emergency network halt to contain exposure on BEX.
Balancer is continuing reconciliation across partners under SEAL and zeroShadow oversight before releasing final validated totals.

This episode also shows why code reuse across chains is a double-edged sword. Developers deploy the same plumbing across L2s and sidechains for convenience; attackers deploy the same exploit logic across those chains for efficiency. Once an architectural flaw is found in a widely forked base, damage multiplies.
Market and governance fallout
Liquidity providers voted with their wallets: Balancer’s Total Value Locked fell sharply as LPs withdrew funds. BAL, the governance token, slumped on the news. Governance channels are erupting with demands: pause V2 pools, incentivise urgent migration, audit all forks, open a bounty for returning funds. The community response will determine whether Balancer’s recovery is technical or reputational (and reputation is the harder currency to buy back).
Balancer’s immediate priorities are triage: identify the exact vulnerability path, quarantine affected pools, coordinate with bridges and CEXs to freeze flows where possible, and publish a transparent post-mortem. But even aggressive remediation won’t entirely erase the broader lesson: you cannot treat legacy contracts as optional risks once substantial liquidity sits on them.
Balancer confirmed the incident was confined to Composable Stable Pools on V2 and its forks. V3 and all other V2 pool types remain unaffected.
Broader implications
The Balancer hack is a textbook case of three systemic weaknesses colliding:
- Legacy risk. Old contracts remain live and hold value; deprecation is operationally painful, so it is deferred.
- Audit overconfidence. Audits check what exists, not every possible dynamic exploit. A codebase that passed static review can still be vulnerable in composable, multi-call flows.
- Fork contagion. The same vulnerable architecture deployed across multiple chains turns a single exploit into a multi-chain disaster.
For projects and LPs this means operational discipline is now a security posture: accelerate migrations, enforce sunset policies for outdated contracts, and treat audits as one input among many, not as an absolution.
What to watch next
Expect a Balancer post-mortem that traces the exploited function, the exact sequence of calls and recommendations for hard deprecation. Watch for white-hat negotiations; sometimes these return a slice of funds and reduce systemic losses. Regulators will file this under “evidence” for lifecycle and governance requirements, which will nudge formal standards. And finally, observe whether other protocols use this moment to harden migration incentives rather than merely update documentation.
Disclaimer: This article is for informational purposes only and reflects available data as of the update on 6 November 2025. It does not constitute financial, legal, or investment advice. Always verify information independently and exercise caution when interacting with DeFi protocols.


