The DeFi protocol Balancer, one of the largest automated market makers on Ethereum, has suffered a large-scale attack. According to Lookonchain, hackers withdrew over $116 million from Balancer v2 pools, making the incident one of the largest hacks in the protocol’s history.
The attack continues
Nansen analysts were the first to raise the alarm, recording the withdrawal of assets in three transactions to a new address. Among the stolen assets were 6,850 StakeWise Staked ETH (OSETH), 6,590 Wrapped Ether (WETH), and 4,260 Lido wstETH (wSTETH). Initially, the damage was estimated at $70.9 million, but after a few hours, the amount increased to $116.6 million.
The Balancer team confirmed the fact of the attack, stating that engineering and security teams are working with maximum priority:
‘We are aware of a possible attack on Balancer v2 pools. An investigation is underway, updates will be published as new information becomes available.’
According to Nansen analyst Nikolai Søndergaard, the hack is likely related to a bug in the smart contract that allowed the attacker to send a withdrawal command without the appropriate access check.
‘Losses have already exceeded $100 million and affected not only Balancer v2, but also its forks,’ he noted.
Balancer offers a 20% ‘white hat’ reward
To recover the funds, the protocol team announced a reward of up to 20% of the stolen amount if the hacker returns the remaining funds within 48 hours. Otherwise, Balancer promises to hand over all data to law enforcement and analytics companies specializing in blockchain asset tracking.
In an official message recorded on the blockchain, the developers stated:
‘Our partners have a high degree of confidence that they can identify the attacker by access log metadata. The data points to specific IP addresses and timestamps that match network activity.’
A series of incidents with Balancer
This is not the first time Balancer has faced attacks.
- In 2020, the protocol was hacked for $500,000 as a result of a flash loan using the Statera (STA) token.
- In 2023, hackers stole nearly $1 million from pools with a vulnerability discovered a week earlier.
- In 2022, Balancer suffered from a DNS attack when attackers redirected users to a phishing site and stole about $238,000.
The latest hack became the largest in the protocol’s history and triggered a chain reaction in related networks.
Berachain urgently halts the network
The Berachain blockchain, whose ecosystem also uses Balancer infrastructure, suspended the network to conduct an emergency upgrade (hard fork).
‘The halt was performed intentionally to return all affected assets. The network will resume operation after recovery is complete,’ representatives of the Berachain Foundation said.
According to the foundation, the attack affected not only BERA tokens but also external assets, so a standard hard fork was not a sufficient solution.
What next?
The Balancer incident is yet another reminder of security risks in DeFi, especially in open-source protocols with complex architecture. Experts note that a vulnerability in one smart contract can lead to multi-network consequences, especially if liquidity pools are interconnected.
If the attacker returns the assets, it could become a rare example of an ‘ethical hack’, but for now, the Balancer team is preparing for a lengthy investigation and legal action.
Read more: Bitcoin ended October in the red, but the most profitable month is ahead
