Ethereum Updates: Balancer's $116 Million Breach Exposes DeFi Security Vulnerabilities

Bitget App

Trade smarter

Bitget

News

Markets

Ethereum Updates: Balancer's $116 Million Breach Exposes DeFi Security Vulnerabilities

Bitget-RWA2025/11/03 20:42

By:Bitget-RWA

- DeFi protocol Balancer suffered a $116M exploit via v2 pool vulnerabilities, draining assets across Ethereum, Arbitrum, and other chains. - Attackers exploited infinite approval flaws in wstETH and other tokens, rapidly transferring stolen funds to new wallets, raising laundering concerns. - Balancer confirmed the breach, advised users to avoid affected pools, while TVL dropped to $678M and BAL token fell over 5%. - Forked projects like Beets Finance also lost $3.5M, with security firms attributing risks

The decentralized finance (DeFi) platform

Balancer

has acknowledged a significant security incident, resulting in losses surpassing $116 million across several blockchain ecosystems, such as

Ethereum

Arbitrum

, Base, and Optimism, as detailed in

a Coinotag report

. This attack, which exploited weaknesses in the protocol’s smart contracts, has intensified concerns about DeFi security, especially for platforms handling substantial liquidity pools.

Ethereum Updates: Balancer's $116 Million Breach Exposes DeFi Security Vulnerabilities image 0

The exploit took advantage of a vulnerability in Balancer’s v2 pools, enabling unauthorized asset withdrawals through infinite approval mechanisms for tokens like wrapped staked ETH (wstETH). Blockchain data,

reported by Coinpedia

, showed that the attacker siphoned 6,587 WETH, 6,851 osETH, and 4,260 wstETH—amounting to roughly $116.6 million as of November 3, 2025. The theft occurred swiftly, with the stolen funds rapidly moved to new wallets, sparking concerns about possible laundering through decentralized mixers or cross-chain bridges, as

Yahoo Finance reported

Balancer’s technical and security teams have verified the breach, advising users to steer clear of compromised pools and assuring that v3 pools remain unaffected, according to

a BeinCrypto report

. The protocol’s total value locked (TVL) has since fallen to $678 million, a steep drop from its 2022 high of $3.11 billion. In addition, Balancer’s native BAL token declined by more than 5% after the incident, deepening investor unease.

The cross-chain aspect of the exploit worsened the impact, with further losses reported on forked protocols such as Beets Finance and

Berachain

. For instance,

Sonic

and Polygon networks experienced outflows of $3.4 million and $117,000, respectively, according to

a Coinotag update

. Security organizations like PeckShield and Certik have pointed out that such exploits often originate from outdated code, highlighting the necessity for ongoing security reviews even in established DeFi projects.

In response, Balancer is working with blockchain security professionals to address the vulnerabilities and strengthen protections. The team has indicated that users impacted by the hack might qualify for compensation, although a formal recovery strategy has yet to be announced. This event marks the third major security compromise for Balancer in the past five years, following previous incidents referenced in

an earlier Yahoo report

The wider DeFi sector has responded with increased vigilance. Experts caution that this breach exposes fundamental risks in liquidity protocols, especially those that depend on interconnected pools and composability. With the global DeFi TVL exceeding $75 billion, specialists emphasize the critical role of secure multi-signature arrangements and hardware wallets to reduce future threats.

Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.

PoolX: Earn new token airdrops

Lock your assets and earn 10%+ APR

Lock now!

- StakeWise DAO recovered 5,041 osETH and 13,495 osGNO from Balancer's $128M exploit, partially addressing the breach. - Attackers exploited token invariant math in V2 Composable Stable Pools despite 11 audits by top firms since 2021. - The breach spread across Ethereum, Base, Polygon, and Arbitrum, with Ethereum suffering most losses. - StakeWise's success highlights partial asset recovery potential but underscores DeFi's vulnerability to invariant manipulation attacks. - Industry faces audit paradox as 2

Bitget-RWA•2025/11/04 02:06

Ethereum News Update: 11 Security Reviews, $128 Million Gone—The DeFi Audit Dilemma Unveiled

Ethena USDe market cap drops 40% after October crash

TheCryptoUpdates•2025/11/04 02:03

XRP News Today: Ripple Establishes Wall Street Connection for Digital Assets as RLUSD Exceeds $1 Billion

- Ripple Labs launched Ripple Prime, a Wall Street-style OTC brokerage for institutional crypto trading, alongside RLUSD's $1B market cap milestone. - The platform enables cross-margining between XRP/RLUSD and traditional assets, addressing liquidity gaps via Ripple's custody and payments infrastructure. - XRP now serves as a core institutional asset for hedging and financing, bridging traditional portfolios with digital markets through compliance-focused infrastructure. - This hybrid model aims to reshape

Bitget-RWA•2025/11/04 01:50

XRP News Today: Ripple Establishes Wall Street Connection for Digital Assets as RLUSD Exceeds $1 Billion

Crypto’s Regulatory Balancing Act: How the US and Nigeria Weigh Innovation Against Combating Fraud

- U.S. regulators face controversy over Trump's pardon of Binance founder CZ, raising concerns about regulatory consistency and crypto-business ties. - Nigeria's SEC reports $218M in crypto Ponzi scheme losses, pushing for stricter oversight to combat fraud exploiting investor greed. - U.S. Congress debates crypto regulatory framework amid bipartisan divides, seeking clarity for an evolving digital asset landscape. - Global crypto markets grapple with balancing innovation incentives against fraud preventio

Bitget-RWA•2025/11/04 01:50